Add lots of checks for memory allocation failure, error codes to indicate

failure and freeing up memory if a failure occurs.

PR:620

2 files changed, 11 insertions, 5 deletions

diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c
index 1e9339367f..f98e0a80a6 100644
--- a/crypto/rsa/rsa_saos.c
+++ b/crypto/rsa/rsa_saos.c
@@ -140,8 +140,11 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype,
 		ret=1;
 err:
 	if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
-	OPENSSL_cleanse(s,(unsigned int)siglen);
-	OPENSSL_free(s);
+	if (s != NULL)
+		{
+		OPENSSL_cleanse(s,(unsigned int)siglen);
+		OPENSSL_free(s);
+		}
 	return(ret);
 	}
 
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
index e50c839279..9e7dfd1927 100644
--- a/crypto/rsa/rsa_sign.c
+++ b/crypto/rsa/rsa_sign.c
@@ -169,7 +169,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
 		}
 	if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
 			RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
-			return(0);
+			goto err;
 	}
 	i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
 
@@ -222,8 +222,11 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
 	}
 err:
 	if (sig != NULL) X509_SIG_free(sig);
-	OPENSSL_cleanse(s,(unsigned int)siglen);
-	OPENSSL_free(s);
+	if (s != NULL)
+		{
+		OPENSSL_cleanse(s,(unsigned int)siglen);
+		OPENSSL_free(s);
+		}
 	return(ret);
 	}