Plug leaks due to misuse of PKCS7_add_signed_attribute()

set0/add0 functions that can fail are the worst. Without fail this trips
up both users and authors (by and large these are two identical groups
consisting of a single person), resulting in leaks and double frees.

In today's episode of spelunking in the gruesome gore provided by the
PKCS#7 and Time-Stamp protocol "implementations", we fix a couple of
leaks in PKCS7_add_attrib_smimecap() and ESS_add_signing_cert().

We do so by recalling that there is i2d_X509_ALGORS(), so we might
as well put it to use instead of inlining it poorly (aka, without
error checking). Normalize said error checking and ensure ownership
is handled correctly in the usual single-exit idiom.

ESS_add_signing_cert() can also make use of proper i2d handling, so
it's simpler and correct and in the end looks pretty much the same
as PKCS7_add_attrib_smimecap().

ok kenjiro

0 files changed, 0 insertions, 0 deletions