From: Matt Caswell <matt@openssl.org>
Date: Mon, 6 Jun 2022 09:32:49 +0000 (+0100)
Subject: Don't report success from ec_export if OSSL_PARAM_BLD_to_param failed
X-Git-Tag: openssl-3.2.0-alpha1~2555
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7d6aad832b4cebb181c53ab80a3f61dc8549be08;p=thirdparty%2Fopenssl.git

Don't report success from ec_export if OSSL_PARAM_BLD_to_param failed

If the call to OSSL_PARAM_BLD_to_param() failed then ec_export was
reporting success, even though it has never called the param_cb.

Found due to:
https://github.com/openssl/openssl/pull/18355#issuecomment-1145993650

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18483)
---

diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index e120760e5f9..6f8638a8981 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -498,6 +498,8 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
 
     if (ok && (params = OSSL_PARAM_BLD_to_param(tmpl)) != NULL)
         ok = param_cb(params, cbarg);
+    else
+        ok = 0;
 end:
     OSSL_PARAM_free(params);
     OSSL_PARAM_BLD_free(tmpl);