Check more return values in the SRP code

Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8019)
author: Matt Caswell <matt@openssl.org> 2019-01-14 11:22:42 +0000
committer: Matt Caswell <matt@openssl.org> 2019-01-15 11:29:40 +0000
commit: d63bde7827b0be1172f823baf25309b54aa87e0f (patch)
tree: f69774c19303da9dc2dd282499866b271a358ea6 /crypto/srp/srp_lib.c
parent: 0a5bda639f8fd59e15051cf757708e3b94bcf399 (diff)
download: openssl-d63bde7827b0be1172f823baf25309b54aa87e0f.zip
openssl-d63bde7827b0be1172f823baf25309b54aa87e0f.tar.gz
openssl-d63bde7827b0be1172f823baf25309b54aa87e0f.tar.bz2
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
index c43d27a..8cba189 100644
--- a/crypto/srp/srp_lib.c
+++ b/crypto/srp/srp_lib.c
@@ -26,6 +26,7 @@ static BIGNUM *srp_Calc_xy(const BIGNUM *x, const BIGNUM *y, const BIGNUM *N)
     unsigned char *tmp = NULL;
     int numN = BN_num_bytes(N);
     BIGNUM *res = NULL;
+
     if (x != N && BN_ucmp(x, N) >= 0)
         return NULL;
     if (y != N && BN_ucmp(y, N) >= 0)
@@ -139,7 +140,8 @@ BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass)
         || !EVP_DigestFinal_ex(ctxt, dig, NULL)
         || !EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL))
         goto err;
-    BN_bn2bin(s, cs);
+    if (BN_bn2bin(s, cs) < 0)
+        goto err;
     if (!EVP_DigestUpdate(ctxt, cs, BN_num_bytes(s)))
         goto err;
author	Matt Caswell <matt@openssl.org>	2019-01-14 11:22:42 +0000
committer	Matt Caswell <matt@openssl.org>	2019-01-15 11:29:40 +0000
commit	d63bde7827b0be1172f823baf25309b54aa87e0f (patch)
tree	f69774c19303da9dc2dd282499866b271a358ea6 /crypto/srp/srp_lib.c
parent	0a5bda639f8fd59e15051cf757708e3b94bcf399 (diff)
download	openssl-d63bde7827b0be1172f823baf25309b54aa87e0f.zip openssl-d63bde7827b0be1172f823baf25309b54aa87e0f.tar.gz openssl-d63bde7827b0be1172f823baf25309b54aa87e0f.tar.bz2