From: Juergen Christ <jchrist@linux.ibm.com>
Date: Mon, 16 Jan 2023 10:37:15 +0000 (+0100)
Subject: Fix potential NULL pointer dereference
X-Git-Tag: openssl-3.2.0-alpha1~1445
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=235ef96049dbe337a3c3c5d419dacbb5a81df1b3;p=thirdparty%2Fopenssl.git

Fix potential NULL pointer dereference

In EC key generation, if allocation of struct ec_gen_ctx fails, values
provided by parameters are copied into the context at represented by a NULL
pointer.  To fix this, prevent copy if allocation fails.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20055)
---

diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index cecb8cef3ee..990d03794ad 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -1006,10 +1006,10 @@ static void *ec_gen_init(void *provctx, int selection,
         gctx->libctx = libctx;
         gctx->selection = selection;
         gctx->ecdh_mode = 0;
-    }
-    if (!ec_gen_set_params(gctx, params)) {
-        OPENSSL_free(gctx);
-        gctx = NULL;
+        if (!ec_gen_set_params(gctx, params)) {
+            OPENSSL_free(gctx);
+            gctx = NULL;
+        }
     }
     return gctx;
 }