Check a return value in the SRP code
author Matt Caswell <matt@openssl.org>
Mon, 14 Jan 2019 11:06:43 +0000 (11:06 +0000)
committer Matt Caswell <matt@openssl.org>
Tue, 15 Jan 2019 11:29:40 +0000 (11:29 +0000)
Spotted by OSTIF audit

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8019)

crypto/srp/srp_vfy.c

index 4ed94b7fb230c6e69bfa770959d9ae6a94169862..7e32f096d0b70dbfb83974a407917574b369d333 100644 (file)
@@ -707,6 +707,8 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
     }
 
     x = SRP_Calc_x(salttmp, user, pass);
+    if (x == NULL)
+        goto err;
 
     *verifier = BN_new();
     if (*verifier == NULL)
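
Review bot: The new "goto err" taken when SRP_Calc_x() returns NULL runs before "*verifier = BN_new();", so on this path *verifier still holds whatever the caller passed in. Please confirm that the cleanup under the err label (outside this hunk) neither frees nor relies on *verifier, and that it copes with x being NULL. The commit message would also benefit from one line saying what happened with a NULL x before this check, since the hunk does not show how x is used further down.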