X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fpkcs12%2Fp12_kiss.c;h=c2ee2cc6f3a71e6e1aac1d839dc6e48e8c3f0cf3;hp=885087ad00fdbc4c74d0ae95e00b1c0f874ae92d;hb=1c2f1fe505f55a5df2430d78128a4ace331e6597;hpb=4e2a08ddd47ccac15aa8c1a4700cfb552e9d1734

diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index 885087ad00..c2ee2cc6f3 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -80,7 +80,7 @@ static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
  * passed unitialised.
  */
 
-int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
+int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
 	     STACK_OF(X509) **ca)
 {
 
@@ -141,7 +141,7 @@ int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
 
 /* Parse the outer PKCS#12 structure */
 
-static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
+static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
 	     EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
 {
 	STACK_OF(PKCS7) *asafes;
@@ -178,10 +178,10 @@ static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
 }
 
 
-static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
-		       int passlen, EVP_PKEY **pkey, X509 **cert,
-		       STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
-		       char *keymatch)
+static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
+		      int passlen, EVP_PKEY **pkey, X509 **cert,
+		      STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
+		      char *keymatch)
 {
 	int i;
 	for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
@@ -197,9 +197,9 @@ static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
 #define MATCH_ALL  0x3
 
 static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
-		      EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
-		      ASN1_OCTET_STRING **keyid,
-	     char *keymatch)
+		     EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
+		     ASN1_OCTET_STRING **keyid,
+		     char *keymatch)
 {
 	PKCS8_PRIV_KEY_INFO *p8;
 	X509 *x509;
@@ -221,7 +221,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
 			if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL;
 		} else {
 			if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) {
-				PKCS12err(PKCS12_F_PARSE_BAGS,ERR_R_MALLOC_FAILURE);
+				PKCS12err(PKCS12_F_PARSE_BAG,ERR_R_MALLOC_FAILURE);
 				return 0;
 		    }
 		}
@@ -249,14 +249,26 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
 		if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
 								 return 1;
 		if (!(x509 = PKCS12_certbag2x509(bag))) return 0;
-		if(ckid) X509_keyid_set1(x509, ckid->data, ckid->length);
+		if(ckid)
+			{
+			if (!X509_keyid_set1(x509, ckid->data, ckid->length))
+				{
+				X509_free(x509);
+				return 0;
+				}
+			}
 		if(fname) {
-			int len;
+			int len, r;
 			unsigned char *data;
 			len = ASN1_STRING_to_UTF8(&data, fname);
 			if(len > 0) {
-				X509_alias_set1(x509, data, len);
+				r = X509_alias_set1(x509, data, len);
 				OPENSSL_free(data);
+				if (!r)
+					{
+					X509_free(x509);
+					return 0;
+					}
 			}
 		}