From 62178961456bae47fae35a3960b4d4d70995c9e3 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Thu, 10 May 2007 17:37:15 +0000
Subject: [PATCH] Improve error detection when streaming S/MIME.

Only use streaming when appropriate for detached data in smime utility.
---
 apps/smime.c           | 13 ++++++++++---
 crypto/pkcs7/bio_pk7.c | 14 +++++++++++++-
 crypto/pkcs7/pk7_lib.c |  5 -----
 3 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/apps/smime.c b/apps/smime.c
index a76e88d141..af2960685f 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -688,15 +688,22 @@ int MAIN(int argc, char **argv)
 	else if (operation & SMIME_SIGNERS)
 		{
 		int i;
-		/* If detached data and SMIME output enable partial
-		 * signing.
+		/* If detached data content we only enable streaming if
+		 * S/MIME output format.
 		 */
 		if (operation == SMIME_SIGN)
 			{
-			if (indef || (flags & PKCS7_DETACHED))
+			if (flags & PKCS7_DETACHED)
+				{
+				if (outformat == FORMAT_SMIME)
+					flags |= PKCS7_STREAM;
+				}
+			else if (indef)
 				flags |= PKCS7_STREAM;
 			flags |= PKCS7_PARTIAL;
 			p7 = PKCS7_sign(NULL, NULL, other, in, flags);
+			if (!p7)
+				goto end;
 			}
 		else
 			flags |= PKCS7_REUSE_DIGEST;
diff --git a/crypto/pkcs7/bio_pk7.c b/crypto/pkcs7/bio_pk7.c
index 533e596a1c..581ba09f7a 100644
--- a/crypto/pkcs7/bio_pk7.c
+++ b/crypto/pkcs7/bio_pk7.c
@@ -114,13 +114,17 @@ BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7)
 
 	out = BIO_push(asn_bio, out);
 
+	if (!p7aux || !asn_bio || !out)
+		goto err;
+
 	BIO_asn1_set_prefix(asn_bio, pkcs7_prefix, pkcs7_prefix_free);
 	BIO_asn1_set_suffix(asn_bio, pkcs7_suffix, pkcs7_suffix_free);
 
 	/* Now initialize BIO for PKCS#7 output */
 
 	p7bio = PKCS7_dataInit(p7, out);
-	PKCS7_stream(&boundary, p7);
+	if (!p7bio || !PKCS7_stream(&boundary, p7))
+		goto err;
 
 	p7aux->p7 = p7;
 	p7aux->p7bio = p7bio;
@@ -131,6 +135,14 @@ BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7)
 
 	return p7bio;
 
+	err:
+	if (p7bio)
+		BIO_free(p7bio);
+	if (asn_bio)
+		BIO_free(asn_bio);
+	if (p7aux)
+		OPENSSL_free(p7aux);
+	return NULL;
 	}
 
 static int pkcs7_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index 9ad1448bf7..3ca0952792 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -665,8 +665,3 @@ int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7)
 
 	return 1;
 	}
-
-
-
-
-
-- 
2.34.1