projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Make the necessary changes to work with the recent "ex_data" overhaul.
[openssl.git] / crypto / pkcs7 / pk7_smime.c
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c
index 348ec1dbbe3cc053378e0dd0a4c4bf116404e684..f0d071e2824a60b3305c918aac8f66a3cecd359b 100644 (file)
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -201,11 +201,20 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
        if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
                signer = sk_X509_value (signers, k);
                if (!(flags & PKCS7_NOCHAIN)) {
-                       X509_STORE_CTX_init(&cert_ctx, store, signer,
-                                                       p7->d.sign->cert);
+                       if(!X509_STORE_CTX_init(&cert_ctx, store, signer,
+                                                       p7->d.sign->cert))
+                               {
+                               PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB);
+                               sk_X509_free(signers);
+                               return 0;
+                               }
                        X509_STORE_CTX_set_purpose(&cert_ctx,
                                                X509_PURPOSE_SMIME_SIGN);
-               } else X509_STORE_CTX_init (&cert_ctx, store, signer, NULL);
+               } else if(!X509_STORE_CTX_init (&cert_ctx, store, signer, NULL)) {
+                       PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB);
+                       sk_X509_free(signers);
+                       return 0;
+               }
                i = X509_verify_cert(&cert_ctx);
                if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx);
                X509_STORE_CTX_cleanup(&cert_ctx);
Unnamed repository; edit this file 'description' to name the repository.