pkcs7.c: Do not ignore return value of mbedlts_md
CI was failing due to the return value of mbedtls_md being ignored.
If this function does fail, return early and propogate the md error.
Signed-off-by: Nick Child <nick.child@ibm.com>
diff --git a/library/pkcs7.c b/library/pkcs7.c
index 8c2a3ec..1c73709 100644
--- a/library/pkcs7.c
+++ b/library/pkcs7.c
@@ -523,8 +523,12 @@
return( MBEDTLS_ERR_PKCS7_ALLOC_FAILED );
}
- mbedtls_md( md_info, data, datalen, hash );
-
+ ret = mbedtls_md( md_info, data, datalen, hash );
+ if( ret != 0 )
+ {
+ mbedtls_free( hash );
+ return( ret );
+ }
ret = mbedtls_pk_verify( &pk_cxt, md_alg, hash, 0,
pkcs7->signed_data.signers.sig.p,
pkcs7->signed_data.signers.sig.len );