From: Shane Lontis <shane.lontis@oracle.com>
Date: Mon, 21 Sep 2020 01:29:30 +0000 (+1000)
Subject: Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running()
X-Git-Tag: openssl-3.0.0-alpha7~148
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=965d3f36c49e2d0144330271be7c330b572b43df;p=thirdparty%2Fopenssl.git

Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running()

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12930)
---

diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index 1e32db1b6f6..63c51af3a19 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -276,12 +276,16 @@ static int ec_match(const void *keydata1, const void *keydata2, int selection)
     const EC_KEY *ec2 = keydata2;
     const EC_GROUP *group_a = EC_KEY_get0_group(ec1);
     const EC_GROUP *group_b = EC_KEY_get0_group(ec2);
-    BN_CTX *ctx = BN_CTX_new_ex(ec_key_get_libctx(ec1));
+    BN_CTX *ctx = NULL;
     int ok = 1;
 
     if (!ossl_prov_is_running())
         return 0;
 
+    ctx = BN_CTX_new_ex(ec_key_get_libctx(ec1));
+    if (ctx == NULL)
+        return 0;
+
     if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0)
         ok = ok && group_a != NULL && group_b != NULL
             && EC_GROUP_cmp(group_a, group_b, ctx) == 0;