From 82a46200911f2bb1af00b6921c0db9738825aa76 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Fri, 22 Jan 2021 13:59:54 +0100 Subject: [PATCH] Add checks for NULL return from EC_KEY_get0_group() Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13139) --- crypto/ec/ec_pmeth.c | 3 +++ crypto/evp/p_lib.c | 8 ++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index cd1632dc9a..084633dcdc 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -172,6 +172,9 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) if (!key) { const EC_GROUP *group; group = EC_KEY_get0_group(eckey); + + if (group == NULL) + return 0; *keylen = (EC_GROUP_get_degree(group) + 7) / 8; return 1; } diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 11e86a7e93..d91cf01762 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -1221,9 +1221,11 @@ int EVP_PKEY_get_group_name(const EVP_PKEY *pkey, char *gname, size_t gname_sz, #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: { - EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); - int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); + const EC_GROUP *grp = EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey)); + int nid = NID_undef; + if (grp != NULL) + nid = EC_GROUP_get_curve_name(grp); if (nid != NID_undef) name = ec_curve_nid2name(nid); } @@ -2271,6 +2273,8 @@ int EVP_PKEY_get_field_type(const EVP_PKEY *pkey) if (ec == NULL) return 0; grp = EC_KEY_get0_group(ec); + if (grp == NULL) + return 0; return EC_GROUP_get_field_type(grp); #else -- GitLab