Fix possible crash in X931 code.

Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3675)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2017-06-13 22:34:30 +0200
committer: Rich Salz <rsalz@openssl.org> 2017-06-14 15:35:48 +0200
commit: 5419dadd4bd1f7abbfa23326ca766d2c143f257c (patch)
tree: 49e74479ee37bdb1e82b549facc4f3e5309c6941 /crypto/bn
parent: Fix another possible crash in rsa_ossl_mod_exp. (diff)
download: openssl-5419dadd4bd1f7abbfa23326ca766d2c143f257c.tar.xz
openssl-5419dadd4bd1f7abbfa23326ca766d2c143f257c.zip
1 files changed, 6 insertions, 2 deletions
diff --git a/crypto/bn/bn_x931p.c b/crypto/bn/bn_x931p.c
index 40734cb2f6..8bfbcac6a4 100644
--- a/crypto/bn/bn_x931p.c
+++ b/crypto/bn/bn_x931p.c
@@ -178,6 +178,8 @@ int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
 
     BN_CTX_start(ctx);
     t = BN_CTX_get(ctx);
+    if (t == NULL)
+        goto err;
 
     for (i = 0; i < 1000; i++) {
         if (!BN_rand(Xq, nbits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY))
@@ -216,10 +218,12 @@ int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
     int ret = 0;
 
     BN_CTX_start(ctx);
-    if (!Xp1)
+    if (Xp1 == NULL)
         Xp1 = BN_CTX_get(ctx);
-    if (!Xp2)
+    if (Xp2 == NULL)
         Xp2 = BN_CTX_get(ctx);
+    if (Xp1 == NULL || Xp2 == NULL)
+        goto error;
 
     if (!BN_rand(Xp1, 101, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
         goto error;
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2017-06-13 22:34:30 +0200
committer	Rich Salz <rsalz@openssl.org>	2017-06-14 15:35:48 +0200
commit	5419dadd4bd1f7abbfa23326ca766d2c143f257c (patch)
tree	49e74479ee37bdb1e82b549facc4f3e5309c6941 /crypto/bn
parent	Fix another possible crash in rsa_ossl_mod_exp. (diff)
download	openssl-5419dadd4bd1f7abbfa23326ca766d2c143f257c.tar.xz openssl-5419dadd4bd1f7abbfa23326ca766d2c143f257c.zip