Fix error handling in compute_key, BN_CTX_get can return NULL

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2132)
(cherry picked from commit 7928ee4d685b727619555bc1ec0aee805f6fc8c4)

diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index fe021904ccc86c633427d9cdbe9ee8a56800c3ad..204e5a7a421edf9385a67daa96e30c9bcb6bdee8 100644 (file)
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -159,6 +159,8 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
         goto err;
     BN_CTX_start(ctx);
     tmp = BN_CTX_get(ctx);
+    if (tmp == NULL)
+        goto err;
 
     if (dh->priv_key == NULL) {
         DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE);