From: Matt Caswell <matt@openssl.org>
Date: Wed, 14 Sep 2016 12:27:59 +0000 (+0100)
Subject: Fix a missing NULL check in dsa_builtin_paramgen
X-Git-Tag: OpenSSL_1_0_2i~14
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d0cbaa2f3a36a3359ee979f0262f0ff514630509;p=oweals%2Fopenssl.git

Fix a missing NULL check in dsa_builtin_paramgen

We should check the last BN_CTX_get() call to ensure that it isn't NULL
before we try and use any of the allocated BIGNUMs.

Issue reported by Shi Lei.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 1ff7425d6130380bb00d3e64739633a4b21b11a3)
---

diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index f6de68488c..1fce0f81c2 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -185,6 +185,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
     p = BN_CTX_get(ctx);
     test = BN_CTX_get(ctx);
 
+    if (test == NULL)
+        goto err;
+
     if (!BN_lshift(test, BN_value_one(), bits - 1))
         goto err;