Merge pull request #7902 from gasbytes/wc_pkcs7_decodeauthenvelopeddata-problem

Added check on error out from wc_PKCS7_EncodeAuthEnvelopedData
2024-08-27 00:40:21 -05:00
parent 2537e08a99 25dd8b641e
commit 90152fedda
1 changed files with 7 additions and 0 deletions
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -13624,7 +13624,14 @@ authenv_atrbend:
        }
        XFREE(decryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
    }
+#else
+    if (ret < 0) {
+        ForceZero(encryptedContent, (word32)encryptedContentSz);
+        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+        ForceZero(decryptedKey, MAX_ENCRYPTED_KEY_SZ);
+    }
 #endif
+
 #ifndef NO_PKCS7_STREAM
    if (ret != 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
        wc_PKCS7_ResetStream(pkcs7);