From 6b36a341c372f3dcec13c5ddee52fdb907a255a9 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Wed, 12 Apr 2017 17:42:54 +0200
Subject: [PATCH 1/2] Make sure the lock is released when returning

---
 src/pkcs11/framework-pkcs15.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
index 2f78a63..3441b99 100644
--- a/src/pkcs11/framework-pkcs15.c
+++ b/src/pkcs11/framework-pkcs15.c
@@ -487,12 +487,16 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
 		goto out;
 	}
 
-	if (slot->p11card == NULL)
-		return CKR_TOKEN_NOT_PRESENT;
+	if (slot->p11card == NULL) {
+		rv = CKR_TOKEN_NOT_PRESENT;
+		goto out;
+	}
 
 	fw_data = (struct pkcs15_fw_data *) slot->p11card->fws_data[slot->fw_data_idx];
-	if (!fw_data)
-		return sc_to_cryptoki_error(SC_ERROR_INTERNAL, "C_GetTokenInfo");
+	if (!fw_data) {
+		rv = sc_to_cryptoki_error(SC_ERROR_INTERNAL, "C_GetTokenInfo");
+		goto out;
+	}
 	p15card = fw_data->p15_card;
 
 	/* User PIN flags are cleared before re-calculation */

From 8e8f0ffdcc959f9dd7ea9036aea887917e961bd1 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Wed, 12 Apr 2017 17:43:32 +0200
Subject: [PATCH 2/2] pkcs11-tool: Do not use unitialized data when
 C_GetTokenInfo() failed

---
 src/tools/pkcs11-tool.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index ef5d2a6..555029d 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -1105,6 +1105,9 @@ static void show_token(CK_SLOT_ID slot)
 	if (rv == CKR_TOKEN_NOT_RECOGNIZED) {
 		printf("  (token not recognized)\n");
 		return;
+	} else if (rv != CKR_OK) {
+		printf("C_GetTokenInfo() failed: rv = %s\n", CKR2Str(rv));
+		return;
 	}
 	if (!(info.flags & CKF_TOKEN_INITIALIZED) && (!verbose)) {
 		printf("  token state:   uninitialized\n");