From c5f0de15ca67f9324589bc0d2575f98e8f04881c Mon Sep 17 00:00:00 2001
From: Vitaly Chikunov
Date: Thu, 26 Sep 2019 02:19:36 +0300
Subject: [PATCH] gost_ec_keyx: Fix CID 253283 Unchecked return value in VKO_compute_key Calling EC_POINT_get_affine_coordinates() without checking return value. Some fixes for Coverity Scan from issue #174.
---
 gost_ec_keyx.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c
index b82c6f1..fa068ae 100644
--- a/gost_ec_keyx.c
+++ b/gost_ec_keyx.c
@@ -59,8 +59,11 @@ int VKO_compute_key(unsigned char *shared_key,
 GOSTerr(GOST_F_VKO_COMPUTE_KEY, GOST_R_ERROR_POINT_MUL);
 goto err;
 }
- EC_POINT_get_affine_coordinates(EC_KEY_get0_group(priv_key),
- pnt, X, Y, ctx);
+ if (!EC_POINT_get_affine_coordinates(EC_KEY_get0_group(priv_key),
+ pnt, X, Y, ctx)) {
+ GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_EC_LIB);
+ goto err;
+ }
 half_len = BN_num_bytes(order);
 buf_len = 2 * half_len;
-- 
2.39.5
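Review bot: The new failure branch around EC_POINT_get_affine_coordinates() has no comment saying what it guards, and in a key-agreement routine that is worth recording. The call fails, among other cases, when `pnt` is the point at infinity, so before this check X and Y could flow into the shared-key computation without holding valid coordinates. I would add `/* Fails e.g. for the point at infinity; X and Y must not be used to derive the key. */` above the `if`. The `err` label and the value returned through it are outside the hunk, so it is worth confirming the function still reports failure to its caller on this path and has not yet written to `shared_key`.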