commit 3087f6e594849d4805dd4a1507347fdbd2135489
author David Benjamin <davidben@chromium.org> Fri Nov 14 11:16:56 2014 -0500
committer Adam Langley <agl@google.com> Fri Nov 14 18:47:41 2014 +0000
tree b379c4583f5250252b30ab8ce8b358801640e174
parent 4cd8c43e738b0903cb1782b7b77a69f7aa778406

Fix garbage free on malloc failure in ec_wNAF_mul.

PR#3595

(Imported from upstream's e04d426bf98ebb22abf0f15b6f09d333a6e8b2ad.)

Change-Id: I01a9d9bef7e911b3fb1565f8a582f5d6cc7d5537
Reviewed-on: https://boringssl-review.googlesource.com/2290
Reviewed-by: Adam Langley <agl@google.com>

crypto/ec/wnaf.c

diff --git a/crypto/ec/wnaf.c b/crypto/ec/wnaf.c
index cac7234..1976460 100644
--- a/crypto/ec/wnaf.c
+++ b/crypto/ec/wnaf.c
@@ -389,13 +389,16 @@
                         sizeof wNAF[0]); /* includes space for pivot */
   val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]);
 
+  /* Ensure wNAF is initialised in case we end up going to err. */
+  if (wNAF) {
+    wNAF[0] = NULL; /* preliminary pivot */
+  }
+
   if (!wsize || !wNAF_len || !wNAF || !val_sub) {
     OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE);
     goto err;
   }
 
-  wNAF[0] = NULL; /* preliminary pivot */
-
   /* num_val will be the total number of temporarily precomputed points */
   num_val = 0;