From: Richard Levitte <levitte@openssl.org>
Date: Thu, 3 Sep 2020 10:42:43 +0000 (+0200)
Subject: EVP: Don't shadow EVP_PKEY_CTX_new* error records
X-Git-Tag: openssl-3.0.0-alpha7~367
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=20d56d6d62d98c3b2649afd2d20e0c2cc39afce1;p=thirdparty%2Fopenssl.git

EVP: Don't shadow EVP_PKEY_CTX_new* error records

There are places that add an ERR_R_MALLOC_FAILURE record when any of
EVP_PKEY_CTX_new*() return NULL, which is 1) inaccurate, and 2)
shadows the more accurate error record generated when trying to create
the EVP_PKEY_CTX.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/12785)
---

diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index e22e900d949..fec4e2d43bb 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -606,10 +606,8 @@ static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len,
     }
 
     ctx = EVP_PKEY_CTX_new_from_name(libctx, "CMAC", propq);
-    if (ctx == NULL) {
-        EVPerr(0, ERR_R_MALLOC_FAILURE);
+    if (ctx == NULL)
         goto err;
-    }
 
     if (!EVP_PKEY_key_fromdata_init(ctx)) {
         EVPerr(0, EVP_R_KEY_SETUP_FAILED);