Google Git
Sign in
boringssl/boringssl.git/7cf6085b00e194877b88b72d710d1aea6cb03e20^!/.
commit
7cf6085b00e194877b88b72d710d1aea6cb03e20
[log]
author
Brian Smith <brian@briansmith.org>
Sat Mar 19 22:39:37 2016 -1000
committer
David Benjamin <davidben@google.com>
Sun Mar 20 17:09:51 2016 +0000
tree
b87866a4445d42e8e388e4c3b4d5e3c55a390218
parent
35673b945dcbf240093f1f0b286e889d31c4d8f9 [diff]
Check for |BN_CTX_new| failure in |mod_exp|.

As far as I can tell, this is the last place within libcrypto where
this type of check is missing.

Change-Id: I3d09676abab8c9f6c4e87214019a382ec2ba90ee
Reviewed-on: https://boringssl-review.googlesource.com/7519
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/crypto/rsa/rsa_impl.c b/crypto/rsa/rsa_impl.c
index 8dd59dc..d98ca0d 100644
--- a/crypto/rsa/rsa_impl.c
+++ b/crypto/rsa/rsa_impl.c

@@ -636,6 +636,11 @@
   r1 = BN_CTX_get(ctx);
   m1 = BN_CTX_get(ctx);
   vrfy = BN_CTX_get(ctx);
+  if (r1 == NULL ||
+      m1 == NULL ||
+      vrfy == NULL) {
+    goto err;
+  }
 
   {
     BIGNUM local_p, local_q;