Add checks for NULL return from EC_KEY_get0_group()

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13139)

diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
index cd1632dc9a3f0554cc18d0684081a624fe59ed99..084633dcdc7131bce4fd3eaebd13eea168564cd3 100644 (file)
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@@ -172,6 +172,9 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
     if (!key) {
         const EC_GROUP *group;
         group = EC_KEY_get0_group(eckey);
+
+        if (group == NULL)
+            return 0;
         *keylen = (EC_GROUP_get_degree(group) + 7) / 8;
         return 1;
     }

diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 11e86a7e930f0757735aec68b51a23d2f7385a23..d91cf01762c8ade3d14823bc78b6962668608d65 100644 (file)
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1221,9 +1221,11 @@ int EVP_PKEY_get_group_name(const EVP_PKEY *pkey, char *gname, size_t gname_sz,
 #ifndef OPENSSL_NO_EC
         case EVP_PKEY_EC:
             {
-                EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
-                int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
+                const EC_GROUP *grp = EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey));
+                int nid = NID_undef;
 
+                if (grp != NULL)
+                    nid = EC_GROUP_get_curve_name(grp);
                 if (nid != NID_undef)
                     name = ec_curve_nid2name(nid);
             }
@@ -2271,6 +2273,8 @@ int EVP_PKEY_get_field_type(const EVP_PKEY *pkey)
         if (ec == NULL)
             return 0;
         grp = EC_KEY_get0_group(ec);
+        if (grp == NULL)
+            return 0;
 
         return EC_GROUP_get_field_type(grp);
 #else