Fix CRL encoding bug.

[oweals/openssl.git] / crypto / asn1 / p5_pbe.c

diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c
index 30b9049a4573c798680300322251ac4e44d1b9ab..8cda4f609a5762717b625834834e2dcf74716845 100644 (file)
--- a/crypto/asn1/p5_pbe.c
+++ b/crypto/asn1/p5_pbe.c
@@ -59,6 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/asn1_mac.h>
+#include <openssl/x509.h>
 #include <openssl/rand.h>
 
 /* PKCS#5 password based encryption structure */
@@ -81,8 +82,8 @@ PBEPARAM *PBEPARAM_new(void)
        PBEPARAM *ret=NULL;
        ASN1_CTX c;
        M_ASN1_New_Malloc(ret, PBEPARAM);
-       M_ASN1_New(ret->iter,ASN1_INTEGER_new);
-       M_ASN1_New(ret->salt,ASN1_OCTET_STRING_new);
+       M_ASN1_New(ret->iter,M_ASN1_INTEGER_new);
+       M_ASN1_New(ret->salt,M_ASN1_OCTET_STRING_new);
        return (ret);
        M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW);
 }
@@ -100,8 +101,8 @@ PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length)
 void PBEPARAM_free (PBEPARAM *a)
 {
        if(a==NULL) return;
-       ASN1_OCTET_STRING_free(a->salt);
-       ASN1_INTEGER_free (a->iter);
+       M_ASN1_OCTET_STRING_free(a->salt);
+       M_ASN1_INTEGER_free (a->iter);
        Free ((char *)a);
 }
 
@@ -128,7 +129,8 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
        }
        pbe->salt->length = saltlen;
        if (salt) memcpy (pbe->salt->data, salt, saltlen);
-       else RAND_bytes (pbe->salt->data, saltlen);
+       else if (RAND_bytes (pbe->salt->data, saltlen) <= 0)
+               return NULL;
 
        if (!(astype = ASN1_TYPE_new())) {
                ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);