Fix verify loop with CRL checking.

[oweals/openssl.git] / crypto / pkcs12 / p12_decr.c

diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c
index 74c961a92b89b46e916dae27ea7f5488b7163e0a..9d3557e8d7e03682eb9ed3b574f0da284a05149c 100644 (file)
--- a/crypto/pkcs12/p12_decr.c
+++ b/crypto/pkcs12/p12_decr.c
@@ -1,5 +1,5 @@
 /* p12_decr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -89,7 +89,14 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
                goto err;
        }
 
-       EVP_CipherUpdate(&ctx, out, &i, in, inlen);
+       if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen))
+               {
+               OPENSSL_free(out);
+               out = NULL;
+               PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_EVP_LIB);
+               goto err;
+               }
+
        outlen = i;
        if(!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
                OPENSSL_free(out);