From bbe9d2de6c643a2c6758fae4274c307943a59624 Mon Sep 17 00:00:00 2001
From: Pauli <pauli@openssl.org>
Date: Wed, 29 Mar 2023 09:22:23 +1100
Subject: Coverity 1524597: null pointer dereference

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20629)
---
 crypto/evp/ctrl_params_translate.c | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

(limited to 'crypto/evp')

diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c
index 21be0d115c..448a3c3043 100644
--- a/crypto/evp/ctrl_params_translate.c
+++ b/crypto/evp/ctrl_params_translate.c
@@ -1649,23 +1649,27 @@ static int get_payload_public_key_ec(enum state state,
 #ifndef OPENSSL_NO_EC
     EVP_PKEY *pkey = ctx->p2;
     const EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(pkey);
-    BN_CTX *bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eckey));
-    const EC_POINT *point = EC_KEY_get0_public_key(eckey);
-    const EC_GROUP *ecg = EC_KEY_get0_group(eckey);
+    BN_CTX *bnctx;
+    const EC_POINT *point;
+    const EC_GROUP *ecg;
     BIGNUM *x = NULL;
     BIGNUM *y = NULL;
     int ret = 0;
 
-    if (bnctx == NULL)
-        return 0;
-
     ctx->p2 = NULL;
 
     if (eckey == NULL) {
         ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
-        goto out;
+        return 0;
     }
 
+    bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eckey));
+    if (bnctx == NULL)
+        return 0;
+
+    point = EC_KEY_get0_public_key(eckey);
+    ecg = EC_KEY_get0_group(eckey);
+
     /* Caller should have requested a BN, fail if not */
     if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
         goto out;
-- 
cgit v1.2.3