pkcs7 decryption: addressed memory leak in PBES1-DES-CBC-MD5 handling

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c
index e62500c84d9cbe2be3eadd99b45644fa157d90ec..c15752f9951d9254c7ae339ff8afb90e104ccebb 100644 (file)
--- a/lib/x509/pkcs7-crypt.c
+++ b/lib/x509/pkcs7-crypt.c
@@ -1027,6 +1027,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn,
        ret = _gnutls_x509_read_value(pkcs8_asn, root, &enc);
        if (ret < 0) {
                gnutls_assert();
+               enc.data = NULL;
                goto cleanup;
        }
 
@@ -1035,6 +1036,8 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn,
                                                          kdf_params,
                                                          enc_params, &enc,
                                                          decrypted_data);
+               if (ret < 0)
+                       goto error;
                goto cleanup;
        }