sm2: sm2_sign.c: check EC_KEY_get0_private_key() for NULL in sm2_sig_gen()
authorAntonMoryakov <ant.v.moryakov@gmail.com>
Mon, 2 Jun 2025 10:14:28 +0000 (13:14 +0300)
committerTomas Mraz <tomas@openssl.org>
Fri, 25 Jul 2025 10:07:52 +0000 (12:07 +0200)
Static analysis revealed that sm2_sig_gen() dereferences the return value
of EC_KEY_get0_private_key() without checking for NULL. This could lead to
a crash if the private key is unset.

This patch adds a NULL check and raises ERR_R_PASSED_NULL_PARAMETER if the
key is missing.

Issue found by static analyzer:
> Return value of EC_KEY_get0_private_key() is dereferenced without checking for NULL (11/12 checked)

CLA: trivial
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27741)

(cherry picked from commit c108ead2840a76a59fe02c049d08322a02b24761)

crypto/sm2/sm2_sign.c

index 2097cd2fca869529b69a66f70a07d7d961c9bdbc..4f78cd9ac28cf011f2d426c37625b9a6e6c2c830 100644 (file)
@@ -217,6 +217,10 @@ static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e)
     BIGNUM *tmp = NULL;
     OSSL_LIB_CTX *libctx = ossl_ec_key_get_libctx(key);
 
+    if (dA == NULL) {
+        ERR_raise(ERR_LIB_SM2, SM2_R_INVALID_PRIVATE_KEY);
+        goto done;
+    }
     kG = EC_POINT_new(group);
     ctx = BN_CTX_new_ex(libctx);
     if (kG == NULL || ctx == NULL) {
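Review bot: The added `dA == NULL` guard has no comment saying which condition it covers or which error a caller should expect. The commit description names ERR_R_PASSED_NULL_PARAMETER while the line raises SM2_R_INVALID_PRIVATE_KEY, so the code is the only reliable record. I would put `/* No private key set on this EC_KEY: report SM2_R_INVALID_PRIVATE_KEY instead of dereferencing NULL below. */` directly above the `if`. The early `goto done` runs before `kG` and `ctx` are assigned on the next two lines, so it depends on both being NULL-initialised and on the cleanup at `done` accepting NULL; the declarations and the label are outside this hunk and should be checked there. A regression test that drives the signing path with a key whose private component is unset would pin the error return and stop the crash from coming back.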