From 15cb335e66d518a25950ff40906676f982b64a2b Mon Sep 17 00:00:00 2001
From: Steven Fackler <sfackler@gmail.com>
Date: Fri, 1 Jun 2018 19:38:52 -0700
Subject: [PATCH] Fix use-after-free in cms

Closes #941
---
 openssl/src/cms.rs | 22 +++++++---------------
 1 file changed, 7 insertions(+), 15 deletions(-)

diff --git a/openssl/src/cms.rs b/openssl/src/cms.rs
index 6ee62fd0..5781a01f 100644
--- a/openssl/src/cms.rs
+++ b/openssl/src/cms.rs
@@ -138,22 +138,14 @@ impl CmsContentInfo {
         flags: CMSOptions,
     ) -> Result<CmsContentInfo, ErrorStack> {
         unsafe {
-            let signcert = match signcert {
-                Some(cert) => cert.as_ptr(),
-                None => ptr::null_mut(),
-            };
-            let pkey = match pkey {
-                Some(pkey) => pkey.as_ptr(),
-                None => ptr::null_mut(),
-            };
-            let data_bio_ptr = match data {
-                Some(data) => MemBioSlice::new(data)?.as_ptr(),
-                None => ptr::null_mut(),
-            };
-            let certs = match certs {
-                Some(certs) => certs.as_ptr(),
-                None => ptr::null_mut(),
+            let signcert = signcert.map_or(ptr::null_mut(), |p| p.as_ptr());
+            let pkey = pkey.map_or(ptr::null_mut(), |p| p.as_ptr());
+            let data_bio = match data {
+                Some(data) => Some(MemBioSlice::new(data)?),
+                None => None,
             };
+            let data_bio_ptr = data_bio.as_ref().map_or(ptr::null_mut(), |p| p.as_ptr());
+            let certs = certs.map_or(ptr::null_mut(), |p| p.as_ptr());
 
             let cms = cvt_p(ffi::CMS_sign(
                 signcert,