fix for Missing null check after OPENSSL_zalloc

Fixes #10283

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/10296)

diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c
index a14decd2803f79809813bc092234e32571f925c0..5e9ec73f7d87cc22e591ff8b7bc7385b155bfa66 100644 (file)
--- a/crypto/evp/keymgmt_lib.c
+++ b/crypto/evp/keymgmt_lib.c
@@ -18,12 +18,14 @@ static OSSL_PARAM *paramdefs_to_params(const OSSL_PARAM *paramdefs)
 {
     size_t cnt;
     const OSSL_PARAM *p;
-    OSSL_PARAM *params, *q;
+    OSSL_PARAM *params = NULL, *q;
 
     for (cnt = 1, p = paramdefs; p->key != NULL; p++, cnt++)
         continue;
 
     params = OPENSSL_zalloc(cnt * sizeof(*params));
+    if (params == NULL)
+        return NULL;
 
     for (p = paramdefs, q = params; ; p++, q++) {
         *q = *p;
@@ -78,6 +80,8 @@ static void *allocate_params_space(OSSL_PARAM *params)
         return NULL;
 
     data = OPENSSL_zalloc(space);
+    if (data == NULL)
+        return NULL;
 
     for (space = 0, p = params; p->key != NULL; p++) {
         p->data = data + space;