From c0e9f540e05b5037fc4b190ccb377fd80102427b Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Thu, 25 Sep 2008 16:38:07 +0000
Subject: [PATCH] Check for errors in ASN1 sign and verify routines.

---
 crypto/asn1/a_sign.c   | 7 ++++++-
 crypto/asn1/a_verify.c | 7 ++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
index 1081950518..4dee45fbb8 100644
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -267,7 +267,12 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
 		goto err;
 		}
 
-	EVP_SignInit_ex(&ctx,type, NULL);
+	if (!EVP_SignInit_ex(&ctx,type, NULL))
+		{
+		outl=0;
+		ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB);
+		goto err;
+		}
 	EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
 	if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
 			(unsigned int *)&outl,pkey))
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index fdce6e4380..da3efaaf8d 100644
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -100,7 +100,12 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
 	p=buf_in;
 
 	i2d(data,&p);
-	EVP_VerifyInit_ex(&ctx,type, NULL);
+	if (!EVP_VerifyInit_ex(&ctx,type, NULL))
+		{
+		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+		ret=0;
+		goto err;
+		}
 	EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
 
 	OPENSSL_cleanse(buf_in,(unsigned int)inl);
-- 
2.25.1