Address coverity issue CID 1517105

The code path for this resource leak indicates that this is a false
positive (if you look at the callers).
Rather than ignoring the warning an extra check has been added, in case
future callers do the wrong thing.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19799)

diff --git a/crypto/deterministic_nonce.c b/crypto/deterministic_nonce.c
index cd28cce513c79e6cd829fa4f8a34a85a2fa5b0e8..6b78777b42460433d32536e3f6c4bd181cf070c4 100644 (file)
--- a/crypto/deterministic_nonce.c
+++ b/crypto/deterministic_nonce.c
@@ -158,9 +158,12 @@ int ossl_gen_deterministic_nonce_rfc6979(BIGNUM *out, const BIGNUM *q,
     unsigned char *entropyx = NULL, *nonceh = NULL, *T = NULL;
     size_t allocsz = 0;
 
+    if (out == NULL)
+        return 0;
+
     qlen_bits = BN_num_bits(q);
     if (qlen_bits == 0)
-        goto end;
+        return 0;
 
     /* Note rlen used here is in bytes since the input values are byte arrays */
     rlen = (qlen_bits + 7) / 8;
@@ -169,7 +172,7 @@ int ossl_gen_deterministic_nonce_rfc6979(BIGNUM *out, const BIGNUM *q,
     /* Use a single alloc for the buffers T, nonceh and entropyx */
     T = (unsigned char *)OPENSSL_zalloc(allocsz);
     if (T == NULL)
-        goto end;
+        return 0;
     nonceh = T + rlen;
     entropyx = nonceh + rlen;