sm2_sig_verify(): Do not call BN_CTX_end() without BN_CTX_start()

In case of memory allocation failure this
could happen.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25994)

(cherry picked from commit 93bfe97c5be0ca575411b39c9dec1103caa82f51)

diff --git a/crypto/sm2/sm2_sign.c b/crypto/sm2/sm2_sign.c
index 583c1cc10b5f9cd6504456c5f2c3a2ca7654f0af..cd3ac61bec1fad5b378b9220c665a2e2b4e34a7b 100644 (file)
--- a/crypto/sm2/sm2_sign.c
+++ b/crypto/sm2/sm2_sign.c
@@ -330,12 +330,10 @@ static int sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig,
     OSSL_LIB_CTX *libctx = ossl_ec_key_get_libctx(key);
 
     ctx = BN_CTX_new_ex(libctx);
-    pt = EC_POINT_new(group);
-    if (ctx == NULL || pt == NULL) {
+    if (ctx == NULL) {
         ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE);
         goto done;
     }
-
     BN_CTX_start(ctx);
     t = BN_CTX_get(ctx);
     x1 = BN_CTX_get(ctx);
@@ -344,6 +342,12 @@ static int sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig,
         goto done;
     }
 
+    pt = EC_POINT_new(group);
+    if (pt == NULL) {
+        ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE);
+        goto done;
+    }
+
     /*
      * B1: verify whether r' in [1,n-1], verification failed if not
      * B2: verify whether s' in [1,n-1], verification failed if not