[lvc-project] [PATCH v1] lib/mpi/ec: make sure mpi_scanval() returns a valid ptr before using it
Daniil Tatianin
d-tatianin at yandex-team.ru
Mon Nov 14 17:27:03 MSK 2022
mpi_scanval() can return a NULL in case of an error or OOM, so check the
reutrn value before proceeding just like we check it at every other
callsite.
Found by Linux Verification Center (linuxtesting.org) with the SVACE
static analysis tool.
Signed-off-by: Daniil Tatianin <d-tatianin at yandex-team.ru>
---
lib/mpi/ec.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/lib/mpi/ec.c b/lib/mpi/ec.c
index c21470122dfc..3002b4d17893 100644
--- a/lib/mpi/ec.c
+++ b/lib/mpi/ec.c
@@ -590,9 +590,14 @@ void mpi_ec_init(struct mpi_ec_ctx *ctx, enum gcry_mpi_ec_models model,
if (model == MPI_EC_MONTGOMERY) {
for (i = 0; i < DIM(bad_points_table); i++) {
- MPI p_candidate = mpi_scanval(bad_points_table[i][0]);
- int match_p = !mpi_cmp(ctx->p, p_candidate);
- int j;
+ MPI p_candidate;
+ int match_p, j;
+
+ p_candidate = mpi_scanval(bad_points_table[i][0]);
+ if (!p_candidate)
+ break;
+
+ match_p = !mpi_cmp(ctx->p, p_candidate);
mpi_free(p_candidate);
if (!match_p)
--
2.25.1
More information about the lvc-project
mailing list