Commit d0cbaa2f authored Sep 14, 2016 by Matt Caswell

Fix a missing NULL check in dsa_builtin_paramgen



We should check the last BN_CTX_get() call to ensure that it isn't NULL
before we try and use any of the allocated BIGNUMs.

Issue reported by Shi Lei.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 1ff7425d)

parent a5e55f62

crypto/dsa/dsa_gen.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -185,6 +185,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
		p = BN_CTX_get(ctx);
		test = BN_CTX_get(ctx);

		if (test == NULL)
		goto err;

		if (!BN_lshift(test, BN_value_one(), bits - 1))
		goto err;