From d63bde7827b0be1172f823baf25309b54aa87e0f Mon Sep 17 00:00:00 2001
From: Matt Caswell
Date: Mon, 14 Jan 2019 11:22:42 +0000
Subject: Check more return values in the SRP code

Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/8019)
---
 crypto/srp/srp_lib.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'crypto/srp/srp_lib.c')

diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
index c43d27a..8cba189 100644
--- a/crypto/srp/srp_lib.c
+++ b/crypto/srp/srp_lib.c
@@ -26,6 +26,7 @@ static BIGNUM *srp_Calc_xy(const BIGNUM *x, const BIGNUM *y, const BIGNUM *N)
 unsigned char *tmp = NULL;
 int numN = BN_num_bytes(N);
 BIGNUM *res = NULL;
+
 if (x != N && BN_ucmp(x, N) >= 0)
 return NULL;
 if (y != N && BN_ucmp(y, N) >= 0)
@@ -139,7 +140,8 @@ BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass)
 || !EVP_DigestFinal_ex(ctxt, dig, NULL)
 || !EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL))
 goto err;
- BN_bn2bin(s, cs);
+ if (BN_bn2bin(s, cs) < 0)
+ goto err;
 if (!EVP_DigestUpdate(ctxt, cs, BN_num_bytes(s)))
 goto err;
 
-- 
cgit v1.1
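Review bot: The new check in SRP_Calc_x tests the result of `BN_bn2bin(s, cs)` for an error but then discards the byte count, and the following context line hashes `BN_num_bytes(s)` bytes of `cs`, so the length written and the length hashed come from two separate calls. Capturing the result once keeps the two tied together: assign it to an `int len` declared with the function's other locals, `if ((len = BN_bn2bin(s, cs)) < 0) goto err;`, then `if (!EVP_DigestUpdate(ctxt, cs, len))`. The allocation of `cs` and the `err` label both lie outside this hunk, so it is worth confirming that `cs` is sized from `BN_num_bytes(s)` and that the `err` path releases `cs` and `ctxt`, since this branch adds one more route into it. The first hunk in srp_Calc_xy only inserts a blank line after the declarations and needs no change.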