From: Vitaly Chikunov Date: Wed, 25 Sep 2019 23:19:36 +0000 (+0300) Subject: gost_ec_keyx: Fix CID 253283 Unchecked return value in VKO_compute_key X-Git-Tag: v3.0.0~265^2 X-Git-Url: http://wagner.pp.ru/gitweb/?a=commitdiff_plain;h=c5f0de15ca67f9324589bc0d2575f98e8f04881c;p=openssl-gost%2Fengine.git gost_ec_keyx: Fix CID 253283 Unchecked return value in VKO_compute_key Calling EC_POINT_get_affine_coordinates() without checking return value. Some fixes for Coverity Scan from issue #174. --- diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c index b82c6f1..fa068ae 100644 --- a/gost_ec_keyx.c +++ b/gost_ec_keyx.c @@ -59,8 +59,11 @@ int VKO_compute_key(unsigned char *shared_key, GOSTerr(GOST_F_VKO_COMPUTE_KEY, GOST_R_ERROR_POINT_MUL); goto err; } - EC_POINT_get_affine_coordinates(EC_KEY_get0_group(priv_key), - pnt, X, Y, ctx); + if (!EC_POINT_get_affine_coordinates(EC_KEY_get0_group(priv_key), + pnt, X, Y, ctx)) { + GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_EC_LIB); + goto err; + } half_len = BN_num_bytes(order); buf_len = 2 * half_len;