From fac3a1ce37f2899acbf9f93abc892a37b0fd5175 Mon Sep 17 00:00:00 2001
From: Aveen Ismail <aveen.ismail@yubico.com>
Date: Wed, 6 Dec 2023 15:53:37 +0100
Subject: [PATCH] Add error code checks when writing certificate data

---
 ykcs11/token.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/ykcs11/token.c b/ykcs11/token.c
index becc6071..7e68d0eb 100644
--- a/ykcs11/token.c
+++ b/ykcs11/token.c
@@ -463,7 +463,9 @@ CK_RV token_generate_key(ykpiv_state *state, gen_info_t *gen, CK_BYTE key, CK_BY
   if(rv != CKR_OK)
     return rv;
 
-  ykpiv_util_write_certdata(data, recv_len, YKPIV_CERTINFO_UNCOMPRESSED, certdata, &certdata_len);
+  if ((res = ykpiv_util_write_certdata(data, recv_len, YKPIV_CERTINFO_UNCOMPRESSED, certdata, &certdata_len)) != YKPIV_OK) {
+    return yrc_to_rv(res);
+  }
 
   if(*cert_len < (CK_ULONG)certdata_len) {
     DBG("Certificate buffer too small.");
@@ -494,7 +496,9 @@ CK_RV token_import_cert(ykpiv_state *state, CK_ULONG cert_id, CK_BYTE_PTR in, CK
     return rv;
   }
 
-  ykpiv_util_write_certdata(in, cert_len, YKPIV_CERTINFO_UNCOMPRESSED, certdata, &certdata_len);
+  if ((res = ykpiv_util_write_certdata(in, cert_len, YKPIV_CERTINFO_UNCOMPRESSED, certdata, &certdata_len)) != YKPIV_OK) {
+    return yrc_to_rv(res);
+  }
 
   // Store the certificate into the token
   if ((res = ykpiv_save_object(state, cert_id, certdata, certdata_len)) != YKPIV_OK)