From 2951e167b5d6922abce453bd0706314a5dab704f Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Fri, 24 Jun 2016 14:17:52 -0600
Subject: [PATCH] check return code of PemToDer in
 wolfSSL_CertManagerVerifyBuffer, CU #2

---
 src/ssl.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/ssl.c b/src/ssl.c
index 202972f22..5999bb5fd 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -4358,6 +4358,13 @@ int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
         info->consumed = 0;
 
         ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, info, &eccKey);
+        if (ret != 0) {
+            FreeDer(&der);
+            #ifdef WOLFSSL_SMALL_STACK
+                XFREE(info, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+            return ret;
+        }
         InitDecodedCert(cert, der->buffer, der->length, cm->heap);
 
     #ifdef WOLFSSL_SMALL_STACK