diff options
Diffstat (limited to 'crypto/cms')
-rw-r--r-- | crypto/cms/cms_smime.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index e84b7e7e5f..98054b36b5 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -273,21 +273,26 @@ static int cms_signerinfo_verify_cert(CMS_SignerInfo *si, STACK_OF(X509) *certs, STACK_OF(X509_CRL) *crls) { - X509_STORE_CTX ctx; + X509_STORE_CTX *ctx = X509_STORE_CTX_new(); X509 *signer; int i, j, r = 0; + + if (ctx == NULL) { + CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, ERR_R_MALLOC_FAILURE); + goto err; + } CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL); - if (!X509_STORE_CTX_init(&ctx, store, signer, certs)) { + if (!X509_STORE_CTX_init(ctx, store, signer, certs)) { CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, CMS_R_STORE_INIT_ERROR); goto err; } - X509_STORE_CTX_set_default(&ctx, "smime_sign"); + X509_STORE_CTX_set_default(ctx, "smime_sign"); if (crls) - X509_STORE_CTX_set0_crls(&ctx, crls); + X509_STORE_CTX_set0_crls(ctx, crls); - i = X509_verify_cert(&ctx); + i = X509_verify_cert(ctx); if (i <= 0) { - j = X509_STORE_CTX_get_error(&ctx); + j = X509_STORE_CTX_get_error(ctx); CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, CMS_R_CERTIFICATE_VERIFY_ERROR); ERR_add_error_data(2, "Verify error:", @@ -296,7 +301,7 @@ static int cms_signerinfo_verify_cert(CMS_SignerInfo *si, } r = 1; err: - X509_STORE_CTX_cleanup(&ctx); + X509_STORE_CTX_free(ctx); return r; } |