From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Fri, 6 Sep 2019 22:58:31 +0000 (+0200)
Subject: DH_check_pub_key_ex was accidentally calling DH_check,
X-Git-Tag: OpenSSL_1_1_1d~13
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=8003138fa9674bb160ced09520de43c3618d3ede;p=oweals%2Fopenssl.git

DH_check_pub_key_ex was accidentally calling DH_check,
so results were undefined.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9796)

(cherry picked from commit 2b95e8efcf8b99892106070d9ac745a0a369f503)
---

diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
index 6d81101e9d..d13d8206ce 100644
--- a/crypto/dh/dh_check.c
+++ b/crypto/dh/dh_check.c
@@ -164,7 +164,8 @@ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key)
 {
     int errflags = 0;
 
-    (void)DH_check(dh, &errflags);
+    if (!DH_check_pub_key(dh, pub_key, &errflags))
+        return 0;
 
     if ((errflags & DH_CHECK_PUBKEY_TOO_SMALL) != 0)
         DHerr(DH_F_DH_CHECK_PUB_KEY_EX, DH_R_CHECK_PUBKEY_TOO_SMALL);