From: Shane Lontis <shane.lontis@oracle.com>
Date: Sun, 24 Mar 2019 23:52:28 +0000 (+1000)
Subject: Fixed unmatched BN_CTX_start/end if an invalid exponent is used.
X-Git-Tag: openssl-3.0.0-alpha1~2292
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=952abb152189715f7b035d5446af947ec41e8a4b;p=oweals%2Fopenssl.git

Fixed unmatched BN_CTX_start/end if an invalid exponent is used.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8569)
---

diff --git a/crypto/rsa/rsa_sp800_56b_gen.c b/crypto/rsa/rsa_sp800_56b_gen.c
index 221136bd0c..50c5bf14be 100644
--- a/crypto/rsa/rsa_sp800_56b_gen.c
+++ b/crypto/rsa/rsa_sp800_56b_gen.c
@@ -71,7 +71,7 @@ int rsa_fips186_4_gen_prob_primes(RSA *rsa, BIGNUM *p1, BIGNUM *p2,
     if (!rsa_check_public_exponent(e)) {
         RSAerr(RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES,
                RSA_R_PUB_EXPONENT_OUT_OF_RANGE);
-        goto err;
+        return 0;
     }
 
     /* (Step 3) Determine strength and check rand generator strength is ok -