From: x2018 <xkernel.wang@foxmail.com>
Date: Tue, 30 Nov 2021 12:33:32 +0000 (+0800)
Subject: check the return value of BN_dup() in rsa_lib.c:1248
X-Git-Tag: openssl-3.2.0-alpha1~3268
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9d1a27051dcd4e7a621df54a073587c6c4486476;p=thirdparty%2Fopenssl.git

check the return value of BN_dup() in rsa_lib.c:1248

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17168)
---

diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 64332825970..a8a6d6c758e 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -1244,8 +1244,11 @@ int EVP_PKEY_CTX_set1_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp)
      * When we're dealing with a provider, there's no need to duplicate
      * pubexp, as it gets copied when transforming to an OSSL_PARAM anyway.
      */
-    if (evp_pkey_ctx_is_legacy(ctx))
+    if (evp_pkey_ctx_is_legacy(ctx)) {
         pubexp = BN_dup(pubexp);
+        if (pubexp == NULL)
+            return 0;
+    }
     ret = EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN,
                             EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp);
     if (evp_pkey_ctx_is_legacy(ctx) && ret <= 0)