Don't free garbage in ec_wNAF_mul() if wNAF could be allocated but

other allocations in the same block couldn't.

problem pointed out by David Ramos on the openssl-dev list
ok miod@ doug@

2 files changed, 22 insertions, 10 deletions

diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c
index 4e49ce4f7b..3dc17bc409 100644
--- a/src/lib/libcrypto/ec/ec_mult.c
+++ b/src/lib/libcrypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_mult.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */
+/* $OpenBSD: ec_mult.c,v 1.15 2014/11/11 06:23:43 guenther Exp $ */
 /*
  * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
  */
@@ -425,17 +425,23 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
         }
         totalnum = num + numblocks;
 
-        wsize = reallocarray(NULL, totalnum, sizeof wsize[0]);
-        wNAF_len = reallocarray(NULL, totalnum, sizeof wNAF_len[0]);
         /* includes space for pivot */
         wNAF = reallocarray(NULL, (totalnum + 1), sizeof wNAF[0]);
+        if (wNAF == NULL) {
+                ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
+                goto err;
+        }
+
+        wNAF[0] = NULL;         /* preliminary pivot */
+
+        wsize = reallocarray(NULL, totalnum, sizeof wsize[0]);
+        wNAF_len = reallocarray(NULL, totalnum, sizeof wNAF_len[0]);
         val_sub = reallocarray(NULL, totalnum, sizeof val_sub[0]);
 
-        if (!wsize || !wNAF_len || !wNAF || !val_sub) {
+        if (wsize == NULL || wNAF_len == NULL || val_sub == NULL) {
                 ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
                 goto err;
         }
-        wNAF[0] = NULL;         /* preliminary pivot */
 
         /* num_val will be the total number of temporarily precomputed points */
         num_val = 0;
diff --git a/src/lib/libssl/src/crypto/ec/ec_mult.c b/src/lib/libssl/src/crypto/ec/ec_mult.c
index 4e49ce4f7b..3dc17bc409 100644
--- a/src/lib/libssl/src/crypto/ec/ec_mult.c
+++ b/src/lib/libssl/src/crypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_mult.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */
+/* $OpenBSD: ec_mult.c,v 1.15 2014/11/11 06:23:43 guenther Exp $ */
 /*
  * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
  */
@@ -425,17 +425,23 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
         }
         totalnum = num + numblocks;
 
-        wsize = reallocarray(NULL, totalnum, sizeof wsize[0]);
-        wNAF_len = reallocarray(NULL, totalnum, sizeof wNAF_len[0]);
         /* includes space for pivot */
         wNAF = reallocarray(NULL, (totalnum + 1), sizeof wNAF[0]);
+        if (wNAF == NULL) {
+                ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
+                goto err;
+        }
+
+        wNAF[0] = NULL;         /* preliminary pivot */
+
+        wsize = reallocarray(NULL, totalnum, sizeof wsize[0]);
+        wNAF_len = reallocarray(NULL, totalnum, sizeof wNAF_len[0]);
         val_sub = reallocarray(NULL, totalnum, sizeof val_sub[0]);
 
-        if (!wsize || !wNAF_len || !wNAF || !val_sub) {
+        if (wsize == NULL || wNAF_len == NULL || val_sub == NULL) {
                 ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
                 goto err;
         }
-        wNAF[0] = NULL;         /* preliminary pivot */
 
         /* num_val will be the total number of temporarily precomputed points */
         num_val = 0;