Eliminate memory leaks in mem_dbg.c.

[openssl.git] / crypto / pkcs7 / pk7_lib.c

diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index 312a5ed064b9dd71e9435576a5b2323377fc7e8c..45973fe8507cc3d08be0efeebea9446697873ac3 100644 (file)
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -123,7 +123,7 @@ int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data)
                {
        case NID_pkcs7_signed:
                if (p7->d.sign->contents != NULL)
-                       PKCS7_content_free(p7->d.sign->contents);
+                       PKCS7_free(p7->d.sign->contents);
                p7->d.sign->contents=p7_data;
                break;
        case NID_pkcs7_digest:
@@ -227,8 +227,13 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
                }
        if (!j) /* we need to add another algorithm */
                {
-               alg=X509_ALGOR_new();
+               if(!(alg=X509_ALGOR_new())
+                       || !(alg->parameter = ASN1_TYPE_new())) {
+                       PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE);
+                       return(0);
+               }
                alg->algorithm=OBJ_nid2obj(nid);
+               alg->parameter->type = V_ASN1_NULL;
                sk_X509_ALGOR_push(md_sk,alg);
                }
 
@@ -292,6 +297,9 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
             EVP_MD *dgst)
        {
+       char is_dsa;
+       if (pkey->type == EVP_PKEY_DSA) is_dsa = 1;
+       else is_dsa = 0;
        /* We now need to add another PKCS7_SIGNER_INFO entry */
        ASN1_INTEGER_set(p7i->version,1);
        X509_NAME_set(&p7i->issuer_and_serial->issuer,
@@ -308,8 +316,7 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
        p7i->pkey=pkey;
 
        /* Set the algorithms */
-       if (pkey->type == EVP_PKEY_DSA)
-               p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1);
+       if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1);
        else    
                p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst));
 
@@ -323,9 +330,12 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
 
        if (p7i->digest_enc_alg->parameter != NULL)
                ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
-       if ((p7i->digest_enc_alg->parameter=ASN1_TYPE_new()) == NULL)
-               goto err;
-       p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
+       if(is_dsa) p7i->digest_enc_alg->parameter = NULL;
+       else {
+               if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
+                       goto err;
+               p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
+       }
 
        return(1);
 err:
@@ -428,6 +438,7 @@ X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
 int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
        {
        int i;
+       ASN1_OBJECT *objtmp;
        PKCS7_ENC_CONTENT *ec;
 
        i=OBJ_obj2nid(p7->type);
@@ -444,7 +455,13 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
                return(0);
                }
 
-       /* Setup cipher OID */
+       /* Check cipher OID exists and has data in it*/
+       i = EVP_CIPHER_type(cipher);
+       if(i == NID_undef) {
+               PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
+               return(0);
+       }
+       objtmp = OBJ_nid2obj(i);
 
        ec->cipher = cipher;
        return 1;