6649721 elfsign sign/verify with missing certificate can dump core

2 files changed, 6 insertions, 7 deletions

diff --git a/usr/src/cmd/cmd-crypto/elfsign/elfsign.c b/usr/src/cmd/cmd-crypto/elfsign/elfsign.c
index 1ee38b28eb..745ca0fc8c 100644
--- a/usr/src/cmd/cmd-crypto/elfsign/elfsign.c
+++ b/usr/src/cmd/cmd-crypto/elfsign/elfsign.c
@@ -407,7 +407,7 @@ static ret_t
 getelfobj(char *elfpath)
 {
 	ELFsign_status_t estatus;
-	ret_t	ret;
+	ret_t	ret = EXIT_SIGN_FAILED;
 
 	estatus = elfsign_begin(elfpath, cmd_info.es_action, &(cmd_info.ess));
 	switch (estatus) {
@@ -437,7 +437,7 @@ static ret_t
 setcertpath(void)
 {
 	ELFsign_status_t estatus;
-	ret_t	ret;
+	ret_t	ret = EXIT_SIGN_FAILED;
 
 	if (cmd_info.cert == NULL)
 		return (EXIT_OKAY);
@@ -521,7 +521,6 @@ do_sign(char *object)
 
 	if (cmd_info.token_label &&
 	    !elfcertlib_settoken(cmd_info.ess, cmd_info.token_label)) {
-		elfsign_end(cmd_info.ess);
 		es_error(gettext("Unable to access token: %s"),
 		    cmd_info.token_label);
 		ret = EXIT_SIGN_FAILED;
diff --git a/usr/src/lib/libelfsign/common/elfsignlib.c b/usr/src/lib/libelfsign/common/elfsignlib.c
index 00f71a125d..d40a8bd0e9 100644
--- a/usr/src/lib/libelfsign/common/elfsignlib.c
+++ b/usr/src/lib/libelfsign/common/elfsignlib.c
@@ -426,11 +426,11 @@ elfsign_setcertpath(ELFsign_t ess, const char *certpath)
 	 * doing it to help provide early failure and better error
 	 * checking, so there is no race condition.
 	 */
-	if (access(certpath, R_OK) != 0) {
-		elfsign_end(ess);
+	if (access(certpath, R_OK) != 0)
 		return (ELFSIGN_INVALID_CERTPATH);
-	}
-	ess->es_certpath = strdup(certpath);
+
+	if ((ess->es_certpath = strdup(certpath)) == NULL)
+		return (ELFSIGN_FAILED);
 
 	if (ES_ACTISUPDATE(ess->es_action)) {
 		ELFCert_t	cert = NULL;