Fix another possible crash in rsa_ossl_mod_exp.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3675)
(cherry picked from commit 5625567f9c7daaa2e2689647e10e4c5d7370718f)

diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c
index 793e2f9c87209e810d5f22e2ad6d08fb75ccc13c..62a88959fae40c266b252beadd5818b472dce0dc 100644 (file)
--- a/crypto/rsa/rsa_ossl.c
+++ b/crypto/rsa/rsa_ossl.c
@@ -603,6 +603,8 @@ static int rsa_ossl_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
     r1 = BN_CTX_get(ctx);
     m1 = BN_CTX_get(ctx);
     vrfy = BN_CTX_get(ctx);
+    if (vrfy == NULL)
+        goto err;
 
     {
         BIGNUM *p = BN_new(), *q = BN_new();