From 22dff96b5e38714ecba64160963b5185b732d1d6 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tomas@openssl.org>
Date: Thu, 6 Jun 2024 15:36:00 +0200
Subject: [PATCH] ASN1_item_verify_ctx(): Return -1 on fatal errors

Fixes #24575
---
 crypto/asn1/a_verify.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index 94d29e7c2736c..f754216eb7e51 100644
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -202,10 +202,12 @@ int ASN1_item_verify_ctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
     inl = ASN1_item_i2d(data, &buf_in, it);
     if (inl <= 0) {
         ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR);
+        ret = -1;
         goto err;
     }
     if (buf_in == NULL) {
         ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
+        ret = -1;
         goto err;
     }
     inll = inl;