Check group generator in EC_POINT_mul().

When a non-NULL generator scalar is passed to EC_POINT_mul(), the group's
generator will be used in multiplication. Add a check that ensures that the
group generator is non-NULL, in order to avoid needing to handle this
elsewhere (currently in the lower level point multiplication code).

ok tb@

1 files changed, 6 insertions, 1 deletions

diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index 315a8130cf..598038de1d 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.121 2025/03/09 15:42:19 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.122 2025/03/24 12:49:13 jsing Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -1319,6 +1319,11 @@ EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
                 goto err;
         }
 
+        if (g_scalar != NULL && group->generator == NULL) {
+                ECerror(EC_R_UNDEFINED_GENERATOR);
+                goto err;
+        }
+
         if (g_scalar != NULL && point == NULL && p_scalar == NULL) {
                 /*
                  * In this case we want to compute g_scalar * GeneratorPoint: