X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/ce3c8656732c924baf7e88df75eab50891bdc471..fa7225c82381bac4432a6edf16f53b5370238d85:/libsecurity_smime/lib/cmscinfo.c?ds=sidebyside

diff --git a/libsecurity_smime/lib/cmscinfo.c b/libsecurity_smime/lib/cmscinfo.c
index 00e18ded..438eed10 100644
--- a/libsecurity_smime/lib/cmscinfo.c
+++ b/libsecurity_smime/lib/cmscinfo.c
@@ -62,6 +62,8 @@ SecCmsContentInfoDestroy(SecCmsContentInfoRef cinfo)
 {
     SECOidTag kind;
 
+    if(!cinfo) return;
+
     kind = SecCmsContentInfoGetContentTypeTag(cinfo);
     switch (kind) {
     case SEC_OID_PKCS7_ENVELOPED_DATA:
@@ -366,14 +368,21 @@ SecCmsContentInfoSetBulkKey(SecCmsContentInfoRef cinfo, SecSymmetricKeyRef bulkk
 #ifdef USE_CDSA_CRYPTO
     const CSSM_KEY *cssmKey = NULL;
 #endif
+    if (!bulkkey || !cinfo) return;
     cinfo->bulkkey = bulkkey;
     CFRetain(cinfo->bulkkey);
 #ifdef USE_CDSA_CRYPTO
     SecKeyGetCSSMKey(cinfo->bulkkey, &cssmKey);
     cinfo->keysize = cssmKey ? cssmKey->KeyHeader.LogicalKeySizeInBits : 0;
 #else
-    /* This cast should be always safe, there should be SecSymmetricKeyRef API to get the size anyway */
-    cinfo->keysize = (int)CFDataGetLength((CFDataRef)bulkkey) * 8;
+    long long bulkKeySize = CFDataGetLength((CFDataRef)bulkkey) * 8;
+    if (bulkKeySize < INT_MAX) {
+        cinfo->keysize = (int)bulkKeySize;
+    } else {
+        CFRelease(cinfo->bulkkey);
+        cinfo->bulkkey = NULL;
+        cinfo->keysize = 0;
+    }
 #endif
 }