summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libcrypto/bn/bn_div.c4
-rw-r--r--src/lib/libcrypto/bn/bn_exp.c32
-rw-r--r--src/lib/libcrypto/bn/bn_exp2.c14
-rw-r--r--src/lib/libcrypto/bn/bn_gcd.c50
-rw-r--r--src/lib/libcrypto/bn/bn_gf2m.c35
-rw-r--r--src/lib/libcrypto/bn/bn_kron.c8
-rw-r--r--src/lib/libcrypto/bn/bn_mont.c11
-rw-r--r--src/lib/libcrypto/bn/bn_mul.c8
-rw-r--r--src/lib/libcrypto/bn/bn_prime.c23
-rw-r--r--src/lib/libcrypto/bn/bn_sqr.c4
-rw-r--r--src/lib/libcrypto/bn/bn_sqrt.c20
-rw-r--r--src/lib/libcrypto/bn/bn_x931p.c41
-rw-r--r--src/lib/libcrypto/dh/dh_gen.c8
-rw-r--r--src/lib/libcrypto/dh/dh_key.c5
-rw-r--r--src/lib/libcrypto/dsa/dsa_gen.c26
-rw-r--r--src/lib/libcrypto/ec/ec2_mult.c26
-rw-r--r--src/lib/libcrypto/ec/ec2_oct.c32
-rw-r--r--src/lib/libcrypto/ec/ec2_smpl.c56
-rw-r--r--src/lib/libcrypto/ec/ec_key.c9
-rw-r--r--src/lib/libcrypto/ec/ec_lib.c33
-rw-r--r--src/lib/libcrypto/ec/ec_mult.c5
-rw-r--r--src/lib/libcrypto/ec/ecp_oct.c30
-rw-r--r--src/lib/libcrypto/ec/ecp_smpl.c101
-rw-r--r--src/lib/libcrypto/ecdh/ech_ossl.c8
-rw-r--r--src/lib/libcrypto/engine/eng_rsax.c11
-rw-r--r--src/lib/libcrypto/rsa/rsa_crpt.c11
-rw-r--r--src/lib/libcrypto/rsa/rsa_eay.c6
-rw-r--r--src/lib/libcrypto/rsa/rsa_gen.c14
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_div.c4
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_exp.c32
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_exp2.c14
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_gcd.c50
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_gf2m.c35
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_kron.c8
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_mont.c11
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_mul.c8
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_prime.c23
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_sqr.c4
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_sqrt.c20
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_x931p.c41
-rw-r--r--src/lib/libssl/src/crypto/dh/dh_gen.c8
-rw-r--r--src/lib/libssl/src/crypto/dh/dh_key.c5
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_gen.c26
-rw-r--r--src/lib/libssl/src/crypto/ec/ec2_mult.c26
-rw-r--r--src/lib/libssl/src/crypto/ec/ec2_oct.c32
-rw-r--r--src/lib/libssl/src/crypto/ec/ec2_smpl.c56
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_key.c9
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_lib.c33
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_mult.c5
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_oct.c30
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_smpl.c101
-rw-r--r--src/lib/libssl/src/crypto/ecdh/ech_ossl.c8
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_rsax.c11
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_crpt.c11
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_eay.c6
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_gen.c14
56 files changed, 716 insertions, 546 deletions
diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c
index f4deccf77f..fefc53f9fa 100644
--- a/src/lib/libcrypto/bn/bn_div.c
+++ b/src/lib/libcrypto/bn/bn_div.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_div.c,v 1.22 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: bn_div.c,v 1.23 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -170,7 +170,7 @@ BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
170 res = BN_CTX_get(ctx); 170 res = BN_CTX_get(ctx);
171 else 171 else
172 res = dv; 172 res = dv;
173 if (sdiv == NULL || res == NULL || tmp == NULL || snum == NULL) 173 if (tmp == NULL || snum == NULL || sdiv == NULL || res == NULL)
174 goto err; 174 goto err;
175 175
176 /* First we normalise the numbers */ 176 /* First we normalise the numbers */
diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c
index 1aa5503dae..eecab5163b 100644
--- a/src/lib/libcrypto/bn/bn_exp.c
+++ b/src/lib/libcrypto/bn/bn_exp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_exp.c,v 1.19 2014/07/11 15:01:49 miod Exp $ */ 1/* $OpenBSD: bn_exp.c,v 1.20 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -272,9 +272,9 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
272 } 272 }
273 273
274 BN_CTX_start(ctx); 274 BN_CTX_start(ctx);
275 aa = BN_CTX_get(ctx); 275 if ((aa = BN_CTX_get(ctx)) == NULL)
276 val[0] = BN_CTX_get(ctx); 276 goto err;
277 if (!aa || !val[0]) 277 if ((val[0] = BN_CTX_get(ctx)) == NULL)
278 goto err; 278 goto err;
279 279
280 BN_RECP_CTX_init(&recp); 280 BN_RECP_CTX_init(&recp);
@@ -408,10 +408,11 @@ BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
408 } 408 }
409 409
410 BN_CTX_start(ctx); 410 BN_CTX_start(ctx);
411 d = BN_CTX_get(ctx); 411 if ((d = BN_CTX_get(ctx)) == NULL)
412 r = BN_CTX_get(ctx); 412 goto err;
413 val[0] = BN_CTX_get(ctx); 413 if ((r = BN_CTX_get(ctx)) == NULL)
414 if (!d || !r || !val[0]) 414 goto err;
415 if ((val[0] = BN_CTX_get(ctx)) == NULL)
415 goto err; 416 goto err;
416 417
417 /* If this is not done, things will break in the montgomery 418 /* If this is not done, things will break in the montgomery
@@ -885,10 +886,11 @@ BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, const BIGNUM *m,
885 } 886 }
886 887
887 BN_CTX_start(ctx); 888 BN_CTX_start(ctx);
888 d = BN_CTX_get(ctx); 889 if ((d = BN_CTX_get(ctx)) == NULL)
889 r = BN_CTX_get(ctx); 890 goto err;
890 t = BN_CTX_get(ctx); 891 if ((r = BN_CTX_get(ctx)) == NULL)
891 if (d == NULL || r == NULL || t == NULL) 892 goto err;
893 if ((t = BN_CTX_get(ctx)) == NULL)
892 goto err; 894 goto err;
893 895
894 if (in_mont != NULL) 896 if (in_mont != NULL)
@@ -1003,9 +1005,9 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
1003 } 1005 }
1004 1006
1005 BN_CTX_start(ctx); 1007 BN_CTX_start(ctx);
1006 d = BN_CTX_get(ctx); 1008 if ((d = BN_CTX_get(ctx)) == NULL)
1007 val[0] = BN_CTX_get(ctx); 1009 goto err;
1008 if (!d || !val[0]) 1010 if ((val[0] = BN_CTX_get(ctx)) == NULL)
1009 goto err; 1011 goto err;
1010 1012
1011 if (!BN_nnmod(val[0],a,m,ctx)) 1013 if (!BN_nnmod(val[0],a,m,ctx))
diff --git a/src/lib/libcrypto/bn/bn_exp2.c b/src/lib/libcrypto/bn/bn_exp2.c
index c8f0294f7a..38bf467a38 100644
--- a/src/lib/libcrypto/bn/bn_exp2.c
+++ b/src/lib/libcrypto/bn/bn_exp2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_exp2.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: bn_exp2.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -150,11 +150,13 @@ BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
150 bits = (bits1 > bits2) ? bits1 : bits2; 150 bits = (bits1 > bits2) ? bits1 : bits2;
151 151
152 BN_CTX_start(ctx); 152 BN_CTX_start(ctx);
153 d = BN_CTX_get(ctx); 153 if ((d = BN_CTX_get(ctx)) == NULL)
154 r = BN_CTX_get(ctx); 154 goto err;
155 val1[0] = BN_CTX_get(ctx); 155 if ((r = BN_CTX_get(ctx)) == NULL)
156 val2[0] = BN_CTX_get(ctx); 156 goto err;
157 if (!d || !r || !val1[0] || !val2[0]) 157 if ((val1[0] = BN_CTX_get(ctx)) == NULL)
158 goto err;
159 if ((val2[0] = BN_CTX_get(ctx)) == NULL)
158 goto err; 160 goto err;
159 161
160 if (in_mont != NULL) 162 if (in_mont != NULL)
diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c
index 379bea99ad..da9c29a8e5 100644
--- a/src/lib/libcrypto/bn/bn_gcd.c
+++ b/src/lib/libcrypto/bn/bn_gcd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_gcd.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: bn_gcd.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -125,9 +125,9 @@ BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
125 bn_check_top(in_b); 125 bn_check_top(in_b);
126 126
127 BN_CTX_start(ctx); 127 BN_CTX_start(ctx);
128 a = BN_CTX_get(ctx); 128 if ((a = BN_CTX_get(ctx)) == NULL)
129 b = BN_CTX_get(ctx); 129 goto err;
130 if (a == NULL || b == NULL) 130 if ((b = BN_CTX_get(ctx)) == NULL)
131 goto err; 131 goto err;
132 132
133 if (BN_copy(a, in_a) == NULL) 133 if (BN_copy(a, in_a) == NULL)
@@ -247,14 +247,19 @@ BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
247 bn_check_top(n); 247 bn_check_top(n);
248 248
249 BN_CTX_start(ctx); 249 BN_CTX_start(ctx);
250 A = BN_CTX_get(ctx); 250 if ((A = BN_CTX_get(ctx)) == NULL)
251 B = BN_CTX_get(ctx); 251 goto err;
252 X = BN_CTX_get(ctx); 252 if ((B = BN_CTX_get(ctx)) == NULL)
253 D = BN_CTX_get(ctx); 253 goto err;
254 M = BN_CTX_get(ctx); 254 if ((X = BN_CTX_get(ctx)) == NULL)
255 Y = BN_CTX_get(ctx); 255 goto err;
256 T = BN_CTX_get(ctx); 256 if ((D = BN_CTX_get(ctx)) == NULL)
257 if (T == NULL) 257 goto err;
258 if ((M = BN_CTX_get(ctx)) == NULL)
259 goto err;
260 if ((Y = BN_CTX_get(ctx)) == NULL)
261 goto err;
262 if ((T = BN_CTX_get(ctx)) == NULL)
258 goto err; 263 goto err;
259 264
260 if (in == NULL) 265 if (in == NULL)
@@ -537,14 +542,19 @@ BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n,
537 bn_check_top(n); 542 bn_check_top(n);
538 543
539 BN_CTX_start(ctx); 544 BN_CTX_start(ctx);
540 A = BN_CTX_get(ctx); 545 if ((A = BN_CTX_get(ctx)) == NULL)
541 B = BN_CTX_get(ctx); 546 goto err;
542 X = BN_CTX_get(ctx); 547 if ((B = BN_CTX_get(ctx)) == NULL)
543 D = BN_CTX_get(ctx); 548 goto err;
544 M = BN_CTX_get(ctx); 549 if ((X = BN_CTX_get(ctx)) == NULL)
545 Y = BN_CTX_get(ctx); 550 goto err;
546 T = BN_CTX_get(ctx); 551 if ((D = BN_CTX_get(ctx)) == NULL)
547 if (T == NULL) 552 goto err;
553 if ((M = BN_CTX_get(ctx)) == NULL)
554 goto err;
555 if ((Y = BN_CTX_get(ctx)) == NULL)
556 goto err;
557 if ((T = BN_CTX_get(ctx)) == NULL)
548 goto err; 558 goto err;
549 559
550 if (in == NULL) 560 if (in == NULL)
diff --git a/src/lib/libcrypto/bn/bn_gf2m.c b/src/lib/libcrypto/bn/bn_gf2m.c
index 1cd38c7797..4544369248 100644
--- a/src/lib/libcrypto/bn/bn_gf2m.c
+++ b/src/lib/libcrypto/bn/bn_gf2m.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_gf2m.c,v 1.16 2014/10/28 07:35:58 jsg Exp $ */ 1/* $OpenBSD: bn_gf2m.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -840,8 +840,7 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p,
840 bn_check_top(p); 840 bn_check_top(p);
841 841
842 BN_CTX_start(ctx); 842 BN_CTX_start(ctx);
843 xinv = BN_CTX_get(ctx); 843 if ((xinv = BN_CTX_get(ctx)) == NULL)
844 if (xinv == NULL)
845 goto err; 844 goto err;
846 845
847 if (!BN_GF2m_mod_inv(xinv, x, p, ctx)) 846 if (!BN_GF2m_mod_inv(xinv, x, p, ctx))
@@ -875,11 +874,13 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p,
875 874
876 BN_CTX_start(ctx); 875 BN_CTX_start(ctx);
877 876
878 a = BN_CTX_get(ctx); 877 if ((a = BN_CTX_get(ctx)) == NULL)
879 b = BN_CTX_get(ctx); 878 goto err;
880 u = BN_CTX_get(ctx); 879 if ((b = BN_CTX_get(ctx)) == NULL)
881 v = BN_CTX_get(ctx); 880 goto err;
882 if (v == NULL) 881 if ((u = BN_CTX_get(ctx)) == NULL)
882 goto err;
883 if ((v = BN_CTX_get(ctx)) == NULL)
883 goto err; 884 goto err;
884 885
885 /* reduce x and y mod p */ 886 /* reduce x and y mod p */
@@ -1137,10 +1138,11 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
1137 } 1138 }
1138 1139
1139 BN_CTX_start(ctx); 1140 BN_CTX_start(ctx);
1140 a = BN_CTX_get(ctx); 1141 if ((a = BN_CTX_get(ctx)) == NULL)
1141 z = BN_CTX_get(ctx); 1142 goto err;
1142 w = BN_CTX_get(ctx); 1143 if ((z = BN_CTX_get(ctx)) == NULL)
1143 if (w == NULL) 1144 goto err;
1145 if ((w = BN_CTX_get(ctx)) == NULL)
1144 goto err; 1146 goto err;
1145 1147
1146 if (!BN_GF2m_mod_arr(a, a_, p)) 1148 if (!BN_GF2m_mod_arr(a, a_, p))
@@ -1169,10 +1171,11 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
1169 } 1171 }
1170 else /* m is even */ 1172 else /* m is even */
1171 { 1173 {
1172 rho = BN_CTX_get(ctx); 1174 if ((rho = BN_CTX_get(ctx)) == NULL)
1173 w2 = BN_CTX_get(ctx); 1175 goto err;
1174 tmp = BN_CTX_get(ctx); 1176 if ((w2 = BN_CTX_get(ctx)) == NULL)
1175 if (tmp == NULL) 1177 goto err;
1178 if ((tmp = BN_CTX_get(ctx)) == NULL)
1176 goto err; 1179 goto err;
1177 do { 1180 do {
1178 if (!BN_rand(rho, p[0], 0, 0)) 1181 if (!BN_rand(rho, p[0], 0, 0))
diff --git a/src/lib/libcrypto/bn/bn_kron.c b/src/lib/libcrypto/bn/bn_kron.c
index 699cda55f0..274da5d186 100644
--- a/src/lib/libcrypto/bn/bn_kron.c
+++ b/src/lib/libcrypto/bn/bn_kron.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_kron.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_kron.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -79,9 +79,9 @@ BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
79 bn_check_top(b); 79 bn_check_top(b);
80 80
81 BN_CTX_start(ctx); 81 BN_CTX_start(ctx);
82 A = BN_CTX_get(ctx); 82 if ((A = BN_CTX_get(ctx)) == NULL)
83 B = BN_CTX_get(ctx); 83 goto end;
84 if (B == NULL) 84 if ((B = BN_CTX_get(ctx)) == NULL)
85 goto end; 85 goto end;
86 86
87 err = !BN_copy(A, a); 87 err = !BN_copy(A, a);
diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c
index 5803ca493d..3eb9913a9e 100644
--- a/src/lib/libcrypto/bn/bn_mont.c
+++ b/src/lib/libcrypto/bn/bn_mont.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_mont.c,v 1.23 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_mont.c,v 1.24 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -149,8 +149,7 @@ BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
149#endif 149#endif
150 150
151 BN_CTX_start(ctx); 151 BN_CTX_start(ctx);
152 tmp = BN_CTX_get(ctx); 152 if ((tmp = BN_CTX_get(ctx)) == NULL)
153 if (tmp == NULL)
154 goto err; 153 goto err;
155 154
156 bn_check_top(tmp); 155 bn_check_top(tmp);
@@ -288,9 +287,9 @@ BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx)
288 BIGNUM *t1, *t2; 287 BIGNUM *t1, *t2;
289 288
290 BN_CTX_start(ctx); 289 BN_CTX_start(ctx);
291 t1 = BN_CTX_get(ctx); 290 if ((t1 = BN_CTX_get(ctx)) == NULL)
292 t2 = BN_CTX_get(ctx); 291 goto err;
293 if (t1 == NULL || t2 == NULL) 292 if ((t2 = BN_CTX_get(ctx)) == NULL)
294 goto err; 293 goto err;
295 294
296 if (!BN_copy(t1, a)) 295 if (!BN_copy(t1, a))
diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c
index daba02d6ca..7794d59707 100644
--- a/src/lib/libcrypto/bn/bn_mul.c
+++ b/src/lib/libcrypto/bn/bn_mul.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_mul.c,v 1.19 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_mul.c,v 1.20 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1012,8 +1012,7 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
1012 j = 1 << (j - 1); 1012 j = 1 << (j - 1);
1013 assert(j <= al || j <= bl); 1013 assert(j <= al || j <= bl);
1014 k = j + j; 1014 k = j + j;
1015 t = BN_CTX_get(ctx); 1015 if ((t = BN_CTX_get(ctx)) == NULL)
1016 if (t == NULL)
1017 goto err; 1016 goto err;
1018 if (al > j || bl > j) { 1017 if (al > j || bl > j) {
1019 if (bn_wexpand(t, k * 4) == NULL) 1018 if (bn_wexpand(t, k * 4) == NULL)
@@ -1057,7 +1056,8 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
1057 j = BN_num_bits_word((BN_ULONG)al); 1056 j = BN_num_bits_word((BN_ULONG)al);
1058 j = 1 << (j - 1); 1057 j = 1 << (j - 1);
1059 k = j + j; 1058 k = j + j;
1060 t = BN_CTX_get(ctx); 1059 if ((t = BN_CTX_get(ctx)) == NULL)
1060 goto err;
1061 if (al == j) /* exact multiple */ 1061 if (al == j) /* exact multiple */
1062 { 1062 {
1063 if (bn_wexpand(t, k * 2) == NULL) 1063 if (bn_wexpand(t, k * 2) == NULL)
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c
index e5cd315e47..02780d32e6 100644
--- a/src/lib/libcrypto/bn/bn_prime.c
+++ b/src/lib/libcrypto/bn/bn_prime.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_prime.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: bn_prime.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -170,8 +170,7 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
170 if (ctx == NULL) 170 if (ctx == NULL)
171 goto err; 171 goto err;
172 BN_CTX_start(ctx); 172 BN_CTX_start(ctx);
173 t = BN_CTX_get(ctx); 173 if ((t = BN_CTX_get(ctx)) == NULL)
174 if (!t)
175 goto err; 174 goto err;
176loop: 175loop:
177 /* make a random number and set the top and bottom bits */ 176 /* make a random number and set the top and bottom bits */
@@ -287,10 +286,11 @@ BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
287 A = t; 286 A = t;
288 } else 287 } else
289 A = a; 288 A = a;
290 A1 = BN_CTX_get(ctx); 289 if ((A1 = BN_CTX_get(ctx)) == NULL)
291 A1_odd = BN_CTX_get(ctx); 290 goto err;
292 check = BN_CTX_get(ctx); 291 if ((A1_odd = BN_CTX_get(ctx)) == NULL)
293 if (check == NULL) 292 goto err;
293 if ((check = BN_CTX_get(ctx)) == NULL)
294 goto err; 294 goto err;
295 295
296 /* compute A1 := A - 1 */ 296 /* compute A1 := A - 1 */
@@ -461,10 +461,11 @@ probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
461 461
462 bits--; 462 bits--;
463 BN_CTX_start(ctx); 463 BN_CTX_start(ctx);
464 t1 = BN_CTX_get(ctx); 464 if ((t1 = BN_CTX_get(ctx)) == NULL)
465 q = BN_CTX_get(ctx); 465 goto err;
466 qadd = BN_CTX_get(ctx); 466 if ((q = BN_CTX_get(ctx)) == NULL)
467 if (qadd == NULL) 467 goto err;
468 if ((qadd = BN_CTX_get(ctx)) == NULL)
468 goto err; 469 goto err;
469 470
470 if (!BN_rshift1(qadd, padd)) 471 if (!BN_rshift1(qadd, padd))
diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c
index 5ea9fb083d..a0dce6ea81 100644
--- a/src/lib/libcrypto/bn/bn_sqr.c
+++ b/src/lib/libcrypto/bn/bn_sqr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_sqr.c,v 1.11 2014/07/11 13:26:31 miod Exp $ */ 1/* $OpenBSD: bn_sqr.c,v 1.12 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -85,7 +85,7 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
85 BN_CTX_start(ctx); 85 BN_CTX_start(ctx);
86 rr = (a != r) ? r : BN_CTX_get(ctx); 86 rr = (a != r) ? r : BN_CTX_get(ctx);
87 tmp = BN_CTX_get(ctx); 87 tmp = BN_CTX_get(ctx);
88 if (!rr || !tmp) 88 if (rr == NULL || tmp == NULL)
89 goto err; 89 goto err;
90 90
91 max = 2 * al; /* Non-zero (from above) */ 91 max = 2 * al; /* Non-zero (from above) */
diff --git a/src/lib/libcrypto/bn/bn_sqrt.c b/src/lib/libcrypto/bn/bn_sqrt.c
index 9a59d56b3f..f94fa41094 100644
--- a/src/lib/libcrypto/bn/bn_sqrt.c
+++ b/src/lib/libcrypto/bn/bn_sqrt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_sqrt.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_sqrt.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */
2/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * and Bodo Moeller for the OpenSSL project. */ 3 * and Bodo Moeller for the OpenSSL project. */
4/* ==================================================================== 4/* ====================================================================
@@ -108,13 +108,17 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
108 } 108 }
109 109
110 BN_CTX_start(ctx); 110 BN_CTX_start(ctx);
111 A = BN_CTX_get(ctx); 111 if ((A = BN_CTX_get(ctx)) == NULL)
112 b = BN_CTX_get(ctx); 112 goto end;
113 q = BN_CTX_get(ctx); 113 if ((b = BN_CTX_get(ctx)) == NULL)
114 t = BN_CTX_get(ctx); 114 goto end;
115 x = BN_CTX_get(ctx); 115 if ((q = BN_CTX_get(ctx)) == NULL)
116 y = BN_CTX_get(ctx); 116 goto end;
117 if (y == NULL) 117 if ((t = BN_CTX_get(ctx)) == NULL)
118 goto end;
119 if ((x = BN_CTX_get(ctx)) == NULL)
120 goto end;
121 if ((y = BN_CTX_get(ctx)) == NULL)
118 goto end; 122 goto end;
119 123
120 if (ret == NULL) 124 if (ret == NULL)
diff --git a/src/lib/libcrypto/bn/bn_x931p.c b/src/lib/libcrypto/bn/bn_x931p.c
index fc8d4c3c49..89c86c1ff7 100644
--- a/src/lib/libcrypto/bn/bn_x931p.c
+++ b/src/lib/libcrypto/bn/bn_x931p.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_x931p.c,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: bn_x931p.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2005. 3 * project 2005.
4 */ 4 */
@@ -107,17 +107,21 @@ BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, const BIGNUM *Xp,
107 return 0; 107 return 0;
108 108
109 BN_CTX_start(ctx); 109 BN_CTX_start(ctx);
110 if (!p1) 110 if (p1 != NULL) {
111 p1 = BN_CTX_get(ctx); 111 if ((p1 = BN_CTX_get(ctx)) == NULL)
112 112 goto err;
113 if (!p2) 113 }
114 p2 = BN_CTX_get(ctx); 114 if (p2 != NULL) {
115 115 if ((p2 = BN_CTX_get(ctx)) == NULL)
116 t = BN_CTX_get(ctx); 116 goto err;
117 117 }
118 p1p2 = BN_CTX_get(ctx);
119 118
120 pm1 = BN_CTX_get(ctx); 119 if ((t = BN_CTX_get(ctx)) == NULL)
120 goto err;
121 if ((p1p2 = BN_CTX_get(ctx)) == NULL)
122 goto err;
123 if ((pm1 = BN_CTX_get(ctx)) == NULL)
124 goto err;
121 125
122 if (!bn_x931_derive_pi(p1, Xp1, ctx, cb)) 126 if (!bn_x931_derive_pi(p1, Xp1, ctx, cb))
123 goto err; 127 goto err;
@@ -213,7 +217,8 @@ BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
213 return 0; 217 return 0;
214 218
215 BN_CTX_start(ctx); 219 BN_CTX_start(ctx);
216 t = BN_CTX_get(ctx); 220 if ((t = BN_CTX_get(ctx)) == NULL)
221 return 0;
217 222
218 for (i = 0; i < 1000; i++) { 223 for (i = 0; i < 1000; i++) {
219 if (!BN_rand(Xq, nbits, 1, 0)) 224 if (!BN_rand(Xq, nbits, 1, 0))
@@ -247,10 +252,14 @@ BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
247 int ret = 0; 252 int ret = 0;
248 253
249 BN_CTX_start(ctx); 254 BN_CTX_start(ctx);
250 if (!Xp1) 255 if (Xp1 != NULL) {
251 Xp1 = BN_CTX_get(ctx); 256 if ((Xp1 = BN_CTX_get(ctx)) == NULL)
252 if (!Xp2) 257 goto error;
253 Xp2 = BN_CTX_get(ctx); 258 }
259 if (Xp2 != NULL) {
260 if ((Xp2 = BN_CTX_get(ctx)) == NULL)
261 goto error;
262 }
254 263
255 if (!BN_rand(Xp1, 101, 0, 0)) 264 if (!BN_rand(Xp1, 101, 0, 0))
256 goto error; 265 goto error;
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
index 1bc37b987e..de566802d3 100644
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ b/src/lib/libcrypto/dh/dh_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_gen.c,v 1.14 2015/02/07 13:19:15 doug Exp $ */ 1/* $OpenBSD: dh_gen.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -115,9 +115,9 @@ dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb)
115 if (ctx == NULL) 115 if (ctx == NULL)
116 goto err; 116 goto err;
117 BN_CTX_start(ctx); 117 BN_CTX_start(ctx);
118 t1 = BN_CTX_get(ctx); 118 if ((t1 = BN_CTX_get(ctx)) == NULL)
119 t2 = BN_CTX_get(ctx); 119 goto err;
120 if (t1 == NULL || t2 == NULL) 120 if ((t2 = BN_CTX_get(ctx)) == NULL)
121 goto err; 121 goto err;
122 122
123 /* Make sure 'ret' has the necessary elements */ 123 /* Make sure 'ret' has the necessary elements */
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index b8352149e2..31bc7b3dfd 100644
--- a/src/lib/libcrypto/dh/dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_key.c,v 1.22 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: dh_key.c,v 1.23 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -195,7 +195,8 @@ compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
195 if (ctx == NULL) 195 if (ctx == NULL)
196 goto err; 196 goto err;
197 BN_CTX_start(ctx); 197 BN_CTX_start(ctx);
198 tmp = BN_CTX_get(ctx); 198 if ((tmp = BN_CTX_get(ctx)) == NULL)
199 goto err;
199 200
200 if (dh->priv_key == NULL) { 201 if (dh->priv_key == NULL) {
201 DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE); 202 DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE);
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
index 296a544c31..dcfa957884 100644
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ b/src/lib/libcrypto/dsa/dsa_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_gen.c,v 1.17 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: dsa_gen.c,v 1.18 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -148,14 +148,22 @@ dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, const EVP_MD *evpmd,
148 goto err; 148 goto err;
149 149
150 BN_CTX_start(ctx); 150 BN_CTX_start(ctx);
151 r0 = BN_CTX_get(ctx); 151 if ((r0 = BN_CTX_get(ctx)) == NULL)
152 g = BN_CTX_get(ctx); 152 goto err;
153 W = BN_CTX_get(ctx); 153 if ((g = BN_CTX_get(ctx)) == NULL)
154 q = BN_CTX_get(ctx); 154 goto err;
155 X = BN_CTX_get(ctx); 155 if ((W = BN_CTX_get(ctx)) == NULL)
156 c = BN_CTX_get(ctx); 156 goto err;
157 p = BN_CTX_get(ctx); 157 if ((q = BN_CTX_get(ctx)) == NULL)
158 test = BN_CTX_get(ctx); 158 goto err;
159 if ((X = BN_CTX_get(ctx)) == NULL)
160 goto err;
161 if ((c = BN_CTX_get(ctx)) == NULL)
162 goto err;
163 if ((p = BN_CTX_get(ctx)) == NULL)
164 goto err;
165 if ((test = BN_CTX_get(ctx)) == NULL)
166 goto err;
159 167
160 if (!BN_lshift(test, BN_value_one(), bits - 1)) 168 if (!BN_lshift(test, BN_value_one(), bits - 1))
161 goto err; 169 goto err;
diff --git a/src/lib/libcrypto/ec/ec2_mult.c b/src/lib/libcrypto/ec/ec2_mult.c
index dd113907be..8f0091efe1 100644
--- a/src/lib/libcrypto/ec/ec2_mult.c
+++ b/src/lib/libcrypto/ec/ec2_mult.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_mult.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ec2_mult.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -91,8 +91,7 @@ gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx)
91 91
92 /* Since Mdouble is static we can guarantee that ctx != NULL. */ 92 /* Since Mdouble is static we can guarantee that ctx != NULL. */
93 BN_CTX_start(ctx); 93 BN_CTX_start(ctx);
94 t1 = BN_CTX_get(ctx); 94 if ((t1 = BN_CTX_get(ctx)) == NULL)
95 if (t1 == NULL)
96 goto err; 95 goto err;
97 96
98 if (!group->meth->field_sqr(group, x, x, ctx)) 97 if (!group->meth->field_sqr(group, x, x, ctx))
@@ -132,9 +131,9 @@ gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM *z1,
132 131
133 /* Since Madd is static we can guarantee that ctx != NULL. */ 132 /* Since Madd is static we can guarantee that ctx != NULL. */
134 BN_CTX_start(ctx); 133 BN_CTX_start(ctx);
135 t1 = BN_CTX_get(ctx); 134 if ((t1 = BN_CTX_get(ctx)) == NULL)
136 t2 = BN_CTX_get(ctx); 135 goto err;
137 if (t2 == NULL) 136 if ((t2 = BN_CTX_get(ctx)) == NULL)
138 goto err; 137 goto err;
139 138
140 if (!BN_copy(t1, x)) 139 if (!BN_copy(t1, x))
@@ -191,10 +190,11 @@ gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIGNUM *x1,
191 } 190 }
192 /* Since Mxy is static we can guarantee that ctx != NULL. */ 191 /* Since Mxy is static we can guarantee that ctx != NULL. */
193 BN_CTX_start(ctx); 192 BN_CTX_start(ctx);
194 t3 = BN_CTX_get(ctx); 193 if ((t3 = BN_CTX_get(ctx)) == NULL)
195 t4 = BN_CTX_get(ctx); 194 goto err;
196 t5 = BN_CTX_get(ctx); 195 if ((t4 = BN_CTX_get(ctx)) == NULL)
197 if (t5 == NULL) 196 goto err;
197 if ((t5 = BN_CTX_get(ctx)) == NULL)
198 goto err; 198 goto err;
199 199
200 if (!BN_one(t5)) 200 if (!BN_one(t5))
@@ -281,9 +281,9 @@ ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
281 281
282 /* Since point_multiply is static we can guarantee that ctx != NULL. */ 282 /* Since point_multiply is static we can guarantee that ctx != NULL. */
283 BN_CTX_start(ctx); 283 BN_CTX_start(ctx);
284 x1 = BN_CTX_get(ctx); 284 if ((x1 = BN_CTX_get(ctx)) == NULL)
285 z1 = BN_CTX_get(ctx); 285 goto err;
286 if (z1 == NULL) 286 if ((z1 = BN_CTX_get(ctx)) == NULL)
287 goto err; 287 goto err;
288 288
289 x2 = &r->X; 289 x2 = &r->X;
diff --git a/src/lib/libcrypto/ec/ec2_oct.c b/src/lib/libcrypto/ec/ec2_oct.c
index c45d9c2219..72690b1bc7 100644
--- a/src/lib/libcrypto/ec/ec2_oct.c
+++ b/src/lib/libcrypto/ec/ec2_oct.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ec2_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -109,11 +109,13 @@ ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point
109 y_bit = (y_bit != 0) ? 1 : 0; 109 y_bit = (y_bit != 0) ? 1 : 0;
110 110
111 BN_CTX_start(ctx); 111 BN_CTX_start(ctx);
112 tmp = BN_CTX_get(ctx); 112 if ((tmp = BN_CTX_get(ctx)) == NULL)
113 x = BN_CTX_get(ctx); 113 goto err;
114 y = BN_CTX_get(ctx); 114 if ((x = BN_CTX_get(ctx)) == NULL)
115 z = BN_CTX_get(ctx); 115 goto err;
116 if (z == NULL) 116 if ((y = BN_CTX_get(ctx)) == NULL)
117 goto err;
118 if ((z = BN_CTX_get(ctx)) == NULL)
117 goto err; 119 goto err;
118 120
119 if (!BN_GF2m_mod_arr(x, x_, group->poly)) 121 if (!BN_GF2m_mod_arr(x, x_, group->poly))
@@ -212,10 +214,11 @@ ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
212 } 214 }
213 BN_CTX_start(ctx); 215 BN_CTX_start(ctx);
214 used_ctx = 1; 216 used_ctx = 1;
215 x = BN_CTX_get(ctx); 217 if ((x = BN_CTX_get(ctx)) == NULL)
216 y = BN_CTX_get(ctx); 218 goto err;
217 yxi = BN_CTX_get(ctx); 219 if ((y = BN_CTX_get(ctx)) == NULL)
218 if (yxi == NULL) 220 goto err;
221 if ((yxi = BN_CTX_get(ctx)) == NULL)
219 goto err; 222 goto err;
220 223
221 if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) 224 if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
@@ -329,10 +332,11 @@ ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
329 return 0; 332 return 0;
330 } 333 }
331 BN_CTX_start(ctx); 334 BN_CTX_start(ctx);
332 x = BN_CTX_get(ctx); 335 if ((x = BN_CTX_get(ctx)) == NULL)
333 y = BN_CTX_get(ctx); 336 goto err;
334 yxi = BN_CTX_get(ctx); 337 if ((y = BN_CTX_get(ctx)) == NULL)
335 if (yxi == NULL) 338 goto err;
339 if ((yxi = BN_CTX_get(ctx)) == NULL)
336 goto err; 340 goto err;
337 341
338 if (!BN_bin2bn(buf + 1, field_len, x)) 342 if (!BN_bin2bn(buf + 1, field_len, x))
diff --git a/src/lib/libcrypto/ec/ec2_smpl.c b/src/lib/libcrypto/ec/ec2_smpl.c
index b9c066c5c1..43f0afd5ae 100644
--- a/src/lib/libcrypto/ec/ec2_smpl.c
+++ b/src/lib/libcrypto/ec/ec2_smpl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_smpl.c,v 1.13 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ec2_smpl.c,v 1.14 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -291,8 +291,7 @@ ec_GF2m_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx)
291 } 291 }
292 } 292 }
293 BN_CTX_start(ctx); 293 BN_CTX_start(ctx);
294 b = BN_CTX_get(ctx); 294 if ((b = BN_CTX_get(ctx)) == NULL)
295 if (b == NULL)
296 goto err; 295 goto err;
297 296
298 if (!BN_GF2m_mod_arr(b, &group->b, group->poly)) 297 if (!BN_GF2m_mod_arr(b, &group->b, group->poly))
@@ -464,15 +463,21 @@ ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
464 return 0; 463 return 0;
465 } 464 }
466 BN_CTX_start(ctx); 465 BN_CTX_start(ctx);
467 x0 = BN_CTX_get(ctx); 466 if ((x0 = BN_CTX_get(ctx)) == NULL)
468 y0 = BN_CTX_get(ctx); 467 goto err;
469 x1 = BN_CTX_get(ctx); 468 if ((y0 = BN_CTX_get(ctx)) == NULL)
470 y1 = BN_CTX_get(ctx); 469 goto err;
471 x2 = BN_CTX_get(ctx); 470 if ((x1 = BN_CTX_get(ctx)) == NULL)
472 y2 = BN_CTX_get(ctx); 471 goto err;
473 s = BN_CTX_get(ctx); 472 if ((y1 = BN_CTX_get(ctx)) == NULL)
474 t = BN_CTX_get(ctx); 473 goto err;
475 if (t == NULL) 474 if ((x2 = BN_CTX_get(ctx)) == NULL)
475 goto err;
476 if ((y2 = BN_CTX_get(ctx)) == NULL)
477 goto err;
478 if ((s = BN_CTX_get(ctx)) == NULL)
479 goto err;
480 if ((t = BN_CTX_get(ctx)) == NULL)
476 goto err; 481 goto err;
477 482
478 if (a->Z_is_one) { 483 if (a->Z_is_one) {
@@ -611,9 +616,9 @@ ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX
611 return -1; 616 return -1;
612 } 617 }
613 BN_CTX_start(ctx); 618 BN_CTX_start(ctx);
614 y2 = BN_CTX_get(ctx); 619 if ((y2 = BN_CTX_get(ctx)) == NULL)
615 lh = BN_CTX_get(ctx); 620 goto err;
616 if (lh == NULL) 621 if ((lh = BN_CTX_get(ctx)) == NULL)
617 goto err; 622 goto err;
618 623
619 /* 624 /*
@@ -651,7 +656,8 @@ err:
651 * 1 not equal 656 * 1 not equal
652 */ 657 */
653int 658int
654ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b, BN_CTX * ctx) 659ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
660 const EC_POINT *b, BN_CTX *ctx)
655{ 661{
656 BIGNUM *aX, *aY, *bX, *bY; 662 BIGNUM *aX, *aY, *bX, *bY;
657 BN_CTX *new_ctx = NULL; 663 BN_CTX *new_ctx = NULL;
@@ -672,11 +678,13 @@ ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT *
672 return -1; 678 return -1;
673 } 679 }
674 BN_CTX_start(ctx); 680 BN_CTX_start(ctx);
675 aX = BN_CTX_get(ctx); 681 if ((aX = BN_CTX_get(ctx)) == NULL)
676 aY = BN_CTX_get(ctx); 682 goto err;
677 bX = BN_CTX_get(ctx); 683 if ((aY = BN_CTX_get(ctx)) == NULL)
678 bY = BN_CTX_get(ctx); 684 goto err;
679 if (bY == NULL) 685 if ((bX = BN_CTX_get(ctx)) == NULL)
686 goto err;
687 if ((bY = BN_CTX_get(ctx)) == NULL)
680 goto err; 688 goto err;
681 689
682 if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx)) 690 if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx))
@@ -710,9 +718,9 @@ ec_GF2m_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ct
710 return 0; 718 return 0;
711 } 719 }
712 BN_CTX_start(ctx); 720 BN_CTX_start(ctx);
713 x = BN_CTX_get(ctx); 721 if ((x = BN_CTX_get(ctx)) == NULL)
714 y = BN_CTX_get(ctx); 722 goto err;
715 if (y == NULL) 723 if ((y = BN_CTX_get(ctx)) == NULL)
716 goto err; 724 goto err;
717 725
718 if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) 726 if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
diff --git a/src/lib/libcrypto/ec/ec_key.c b/src/lib/libcrypto/ec/ec_key.c
index f9904b4ee9..45192c3231 100644
--- a/src/lib/libcrypto/ec/ec_key.c
+++ b/src/lib/libcrypto/ec/ec_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_key.c,v 1.10 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ec_key.c,v 1.11 2015/02/09 15:49:22 jsing Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -359,8 +359,11 @@ EC_KEY_set_public_key_affine_coordinates(EC_KEY * key, BIGNUM * x, BIGNUM * y)
359 if (tmp_nid == NID_X9_62_characteristic_two_field) 359 if (tmp_nid == NID_X9_62_characteristic_two_field)
360 is_char_two = 1; 360 is_char_two = 1;
361 361
362 tx = BN_CTX_get(ctx); 362 if ((tx = BN_CTX_get(ctx)) == NULL)
363 ty = BN_CTX_get(ctx); 363 goto err;
364 if ((ty = BN_CTX_get(ctx)) == NULL)
365 goto err;
366
364#ifndef OPENSSL_NO_EC2M 367#ifndef OPENSSL_NO_EC2M
365 if (is_char_two) { 368 if (is_char_two) {
366 if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point, 369 if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point,
diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index 47ccc614d1..8cf0f2241e 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_lib.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */ 1/* $OpenBSD: ec_lib.c,v 1.16 2015/02/09 15:49:22 jsing Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller for the OpenSSL project. 3 * Originally written by Bodo Moeller for the OpenSSL project.
4 */ 4 */
@@ -497,18 +497,19 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx)
497 return -1; 497 return -1;
498 498
499 BN_CTX_start(ctx); 499 BN_CTX_start(ctx);
500 a1 = BN_CTX_get(ctx); 500 if ((a1 = BN_CTX_get(ctx)) == NULL)
501 a2 = BN_CTX_get(ctx); 501 goto err;
502 a3 = BN_CTX_get(ctx); 502 if ((a2 = BN_CTX_get(ctx)) == NULL)
503 b1 = BN_CTX_get(ctx); 503 goto err;
504 b2 = BN_CTX_get(ctx); 504 if ((a3 = BN_CTX_get(ctx)) == NULL)
505 b3 = BN_CTX_get(ctx); 505 goto err;
506 if (!b3) { 506 if ((b1 = BN_CTX_get(ctx)) == NULL)
507 BN_CTX_end(ctx); 507 goto err;
508 if (ctx_new) 508 if ((b2 = BN_CTX_get(ctx)) == NULL)
509 BN_CTX_free(ctx); 509 goto err;
510 return -1; 510 if ((b3 = BN_CTX_get(ctx)) == NULL)
511 } 511 goto err;
512
512 /* 513 /*
513 * XXX This approach assumes that the external representation of 514 * XXX This approach assumes that the external representation of
514 * curves over the same field type is the same. 515 * curves over the same field type is the same.
@@ -544,6 +545,12 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx)
544 BN_CTX_free(ctx); 545 BN_CTX_free(ctx);
545 546
546 return r; 547 return r;
548
549err:
550 BN_CTX_end(ctx);
551 if (ctx_new)
552 BN_CTX_free(ctx);
553 return -1;
547} 554}
548 555
549 556
diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c
index 9e3aee13a2..e711413598 100644
--- a/src/lib/libcrypto/ec/ec_mult.c
+++ b/src/lib/libcrypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_mult.c,v 1.16 2015/02/07 13:19:15 doug Exp $ */ 1/* $OpenBSD: ec_mult.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. 3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -753,8 +753,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
753 goto err; 753 goto err;
754 } 754 }
755 BN_CTX_start(ctx); 755 BN_CTX_start(ctx);
756 order = BN_CTX_get(ctx); 756 if ((order = BN_CTX_get(ctx)) == NULL)
757 if (order == NULL)
758 goto err; 757 goto err;
759 758
760 if (!EC_GROUP_get_order(group, order, ctx)) 759 if (!EC_GROUP_get_order(group, order, ctx))
diff --git a/src/lib/libcrypto/ec/ecp_oct.c b/src/lib/libcrypto/ec/ecp_oct.c
index abc31e6382..994f0b08b1 100644
--- a/src/lib/libcrypto/ec/ecp_oct.c
+++ b/src/lib/libcrypto/ec/ecp_oct.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ecp_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */
2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * for the OpenSSL project. 3 * for the OpenSSL project.
4 * Includes code written by Bodo Moeller for the OpenSSL project. 4 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -67,8 +67,8 @@
67#include "ec_lcl.h" 67#include "ec_lcl.h"
68 68
69int 69int
70ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * point, 70ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group,
71 const BIGNUM * x_, int y_bit, BN_CTX * ctx) 71 EC_POINT * point, const BIGNUM * x_, int y_bit, BN_CTX * ctx)
72{ 72{
73 BN_CTX *new_ctx = NULL; 73 BN_CTX *new_ctx = NULL;
74 BIGNUM *tmp1, *tmp2, *x, *y; 74 BIGNUM *tmp1, *tmp2, *x, *y;
@@ -85,11 +85,13 @@ ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * poin
85 y_bit = (y_bit != 0); 85 y_bit = (y_bit != 0);
86 86
87 BN_CTX_start(ctx); 87 BN_CTX_start(ctx);
88 tmp1 = BN_CTX_get(ctx); 88 if ((tmp1 = BN_CTX_get(ctx)) == NULL)
89 tmp2 = BN_CTX_get(ctx); 89 goto err;
90 x = BN_CTX_get(ctx); 90 if ((tmp2 = BN_CTX_get(ctx)) == NULL)
91 y = BN_CTX_get(ctx); 91 goto err;
92 if (y == NULL) 92 if ((x = BN_CTX_get(ctx)) == NULL)
93 goto err;
94 if ((y = BN_CTX_get(ctx)) == NULL)
93 goto err; 95 goto err;
94 96
95 /* 97 /*
@@ -239,9 +241,9 @@ ec_GFp_simple_point2oct(const EC_GROUP * group, const EC_POINT * point, point_co
239 } 241 }
240 BN_CTX_start(ctx); 242 BN_CTX_start(ctx);
241 used_ctx = 1; 243 used_ctx = 1;
242 x = BN_CTX_get(ctx); 244 if ((x = BN_CTX_get(ctx)) == NULL)
243 y = BN_CTX_get(ctx); 245 goto err;
244 if (y == NULL) 246 if ((y = BN_CTX_get(ctx)) == NULL)
245 goto err; 247 goto err;
246 248
247 if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) 249 if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
@@ -348,9 +350,9 @@ ec_GFp_simple_oct2point(const EC_GROUP * group, EC_POINT * point,
348 return 0; 350 return 0;
349 } 351 }
350 BN_CTX_start(ctx); 352 BN_CTX_start(ctx);
351 x = BN_CTX_get(ctx); 353 if ((x = BN_CTX_get(ctx)) == NULL)
352 y = BN_CTX_get(ctx); 354 goto err;
353 if (y == NULL) 355 if ((y = BN_CTX_get(ctx)) == NULL)
354 goto err; 356 goto err;
355 357
356 if (!BN_bin2bn(buf + 1, field_len, x)) 358 if (!BN_bin2bn(buf + 1, field_len, x))
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c
index 7b3bb2364d..f6db4dc9b1 100644
--- a/src/lib/libcrypto/ec/ecp_smpl.c
+++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_smpl.c,v 1.14 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ecp_smpl.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */
2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * for the OpenSSL project. 3 * for the OpenSSL project.
4 * Includes code written by Bodo Moeller for the OpenSSL project. 4 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -188,8 +188,7 @@ ec_GFp_simple_group_set_curve(EC_GROUP * group,
188 return 0; 188 return 0;
189 } 189 }
190 BN_CTX_start(ctx); 190 BN_CTX_start(ctx);
191 tmp_a = BN_CTX_get(ctx); 191 if ((tmp_a = BN_CTX_get(ctx)) == NULL)
192 if (tmp_a == NULL)
193 goto err; 192 goto err;
194 193
195 /* group->field */ 194 /* group->field */
@@ -294,12 +293,15 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx)
294 } 293 }
295 } 294 }
296 BN_CTX_start(ctx); 295 BN_CTX_start(ctx);
297 a = BN_CTX_get(ctx); 296 if ((a = BN_CTX_get(ctx)) == NULL)
298 b = BN_CTX_get(ctx); 297 goto err;
299 tmp_1 = BN_CTX_get(ctx); 298 if ((b = BN_CTX_get(ctx)) == NULL)
300 tmp_2 = BN_CTX_get(ctx); 299 goto err;
301 order = BN_CTX_get(ctx); 300 if ((tmp_1 = BN_CTX_get(ctx)) == NULL)
302 if (order == NULL) 301 goto err;
302 if ((tmp_2 = BN_CTX_get(ctx)) == NULL)
303 goto err;
304 if ((order = BN_CTX_get(ctx)) == NULL)
303 goto err; 305 goto err;
304 306
305 if (group->meth->field_decode) { 307 if (group->meth->field_decode) {
@@ -539,11 +541,13 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP * group, const EC_POIN
539 return 0; 541 return 0;
540 } 542 }
541 BN_CTX_start(ctx); 543 BN_CTX_start(ctx);
542 Z = BN_CTX_get(ctx); 544 if ((Z = BN_CTX_get(ctx)) == NULL)
543 Z_1 = BN_CTX_get(ctx); 545 goto err;
544 Z_2 = BN_CTX_get(ctx); 546 if ((Z_1 = BN_CTX_get(ctx)) == NULL)
545 Z_3 = BN_CTX_get(ctx); 547 goto err;
546 if (Z_3 == NULL) 548 if ((Z_2 = BN_CTX_get(ctx)) == NULL)
549 goto err;
550 if ((Z_3 = BN_CTX_get(ctx)) == NULL)
547 goto err; 551 goto err;
548 552
549 /* transform (X, Y, Z) into (x, y) := (X/Z^2, Y/Z^3) */ 553 /* transform (X, Y, Z) into (x, y) := (X/Z^2, Y/Z^3) */
@@ -652,14 +656,19 @@ ec_GFp_simple_add(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, cons
652 return 0; 656 return 0;
653 } 657 }
654 BN_CTX_start(ctx); 658 BN_CTX_start(ctx);
655 n0 = BN_CTX_get(ctx); 659 if ((n0 = BN_CTX_get(ctx)) == NULL)
656 n1 = BN_CTX_get(ctx); 660 goto end;
657 n2 = BN_CTX_get(ctx); 661 if ((n1 = BN_CTX_get(ctx)) == NULL)
658 n3 = BN_CTX_get(ctx); 662 goto end;
659 n4 = BN_CTX_get(ctx); 663 if ((n2 = BN_CTX_get(ctx)) == NULL)
660 n5 = BN_CTX_get(ctx); 664 goto end;
661 n6 = BN_CTX_get(ctx); 665 if ((n3 = BN_CTX_get(ctx)) == NULL)
662 if (n6 == NULL) 666 goto end;
667 if ((n4 = BN_CTX_get(ctx)) == NULL)
668 goto end;
669 if ((n5 = BN_CTX_get(ctx)) == NULL)
670 goto end;
671 if ((n6 = BN_CTX_get(ctx)) == NULL)
663 goto end; 672 goto end;
664 673
665 /* 674 /*
@@ -834,11 +843,13 @@ ec_GFp_simple_dbl(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, BN_C
834 return 0; 843 return 0;
835 } 844 }
836 BN_CTX_start(ctx); 845 BN_CTX_start(ctx);
837 n0 = BN_CTX_get(ctx); 846 if ((n0 = BN_CTX_get(ctx)) == NULL)
838 n1 = BN_CTX_get(ctx); 847 goto err;
839 n2 = BN_CTX_get(ctx); 848 if ((n1 = BN_CTX_get(ctx)) == NULL)
840 n3 = BN_CTX_get(ctx); 849 goto err;
841 if (n3 == NULL) 850 if ((n2 = BN_CTX_get(ctx)) == NULL)
851 goto err;
852 if ((n3 = BN_CTX_get(ctx)) == NULL)
842 goto err; 853 goto err;
843 854
844 /* 855 /*
@@ -990,11 +1001,13 @@ ec_GFp_simple_is_on_curve(const EC_GROUP * group, const EC_POINT * point, BN_CTX
990 return -1; 1001 return -1;
991 } 1002 }
992 BN_CTX_start(ctx); 1003 BN_CTX_start(ctx);
993 rh = BN_CTX_get(ctx); 1004 if ((rh = BN_CTX_get(ctx)) == NULL)
994 tmp = BN_CTX_get(ctx); 1005 goto err;
995 Z4 = BN_CTX_get(ctx); 1006 if ((tmp = BN_CTX_get(ctx)) == NULL)
996 Z6 = BN_CTX_get(ctx); 1007 goto err;
997 if (Z6 == NULL) 1008 if ((Z4 = BN_CTX_get(ctx)) == NULL)
1009 goto err;
1010 if ((Z6 = BN_CTX_get(ctx)) == NULL)
998 goto err; 1011 goto err;
999 1012
1000 /* 1013 /*
@@ -1101,11 +1114,13 @@ ec_GFp_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b
1101 return -1; 1114 return -1;
1102 } 1115 }
1103 BN_CTX_start(ctx); 1116 BN_CTX_start(ctx);
1104 tmp1 = BN_CTX_get(ctx); 1117 if ((tmp1 = BN_CTX_get(ctx)) == NULL)
1105 tmp2 = BN_CTX_get(ctx); 1118 goto end;
1106 Za23 = BN_CTX_get(ctx); 1119 if ((tmp2 = BN_CTX_get(ctx)) == NULL)
1107 Zb23 = BN_CTX_get(ctx); 1120 goto end;
1108 if (Zb23 == NULL) 1121 if ((Za23 = BN_CTX_get(ctx)) == NULL)
1122 goto end;
1123 if ((Zb23 = BN_CTX_get(ctx)) == NULL)
1109 goto end; 1124 goto end;
1110 1125
1111 /* 1126 /*
@@ -1184,9 +1199,9 @@ ec_GFp_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ctx
1184 return 0; 1199 return 0;
1185 } 1200 }
1186 BN_CTX_start(ctx); 1201 BN_CTX_start(ctx);
1187 x = BN_CTX_get(ctx); 1202 if ((x = BN_CTX_get(ctx)) == NULL)
1188 y = BN_CTX_get(ctx); 1203 goto err;
1189 if (y == NULL) 1204 if ((y = BN_CTX_get(ctx)) == NULL)
1190 goto err; 1205 goto err;
1191 1206
1192 if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) 1207 if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
@@ -1225,9 +1240,9 @@ ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT *
1225 return 0; 1240 return 0;
1226 } 1241 }
1227 BN_CTX_start(ctx); 1242 BN_CTX_start(ctx);
1228 tmp0 = BN_CTX_get(ctx); 1243 if ((tmp0 = BN_CTX_get(ctx)) == NULL)
1229 tmp1 = BN_CTX_get(ctx); 1244 goto err;
1230 if (tmp0 == NULL || tmp1 == NULL) 1245 if ((tmp1 = BN_CTX_get(ctx)) == NULL)
1231 goto err; 1246 goto err;
1232 1247
1233 /* 1248 /*
diff --git a/src/lib/libcrypto/ecdh/ech_ossl.c b/src/lib/libcrypto/ecdh/ech_ossl.c
index ee130edeee..4fae7cacfd 100644
--- a/src/lib/libcrypto/ecdh/ech_ossl.c
+++ b/src/lib/libcrypto/ecdh/ech_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_ossl.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */ 1/* $OpenBSD: ech_ossl.c,v 1.9 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -120,8 +120,10 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
120 120
121 if ((ctx = BN_CTX_new()) == NULL) goto err; 121 if ((ctx = BN_CTX_new()) == NULL) goto err;
122 BN_CTX_start(ctx); 122 BN_CTX_start(ctx);
123 x = BN_CTX_get(ctx); 123 if ((x = BN_CTX_get(ctx)) == NULL)
124 y = BN_CTX_get(ctx); 124 goto err;
125 if ((y = BN_CTX_get(ctx)) == NULL)
126 goto err;
125 127
126 priv_key = EC_KEY_get0_private_key(ecdh); 128 priv_key = EC_KEY_get0_private_key(ecdh);
127 if (priv_key == NULL) 129 if (priv_key == NULL)
diff --git a/src/lib/libcrypto/engine/eng_rsax.c b/src/lib/libcrypto/engine/eng_rsax.c
index c33a776707..784b74a22f 100644
--- a/src/lib/libcrypto/engine/eng_rsax.c
+++ b/src/lib/libcrypto/engine/eng_rsax.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_rsax.c,v 1.12 2014/11/19 13:35:37 krw Exp $ */ 1/* $OpenBSD: eng_rsax.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (c) 2010-2010 Intel Corp. 2/* Copyright (c) 2010-2010 Intel Corp.
3 * Author: Vinodh.Gopal@intel.com 3 * Author: Vinodh.Gopal@intel.com
4 * Jim Guilford 4 * Jim Guilford
@@ -519,9 +519,12 @@ e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
519 int ret = 0; 519 int ret = 0;
520 520
521 BN_CTX_start(ctx); 521 BN_CTX_start(ctx);
522 r1 = BN_CTX_get(ctx); 522 if ((r1 = BN_CTX_get(ctx)) == NULL)
523 m1 = BN_CTX_get(ctx); 523 goto err;
524 vrfy = BN_CTX_get(ctx); 524 if ((m1 = BN_CTX_get(ctx)) == NULL)
525 goto err;
526 if ((vrfy = BN_CTX_get(ctx)) == NULL)
527 goto err;
525 528
526 { 529 {
527 BIGNUM local_p, local_q; 530 BIGNUM local_p, local_q;
diff --git a/src/lib/libcrypto/rsa/rsa_crpt.c b/src/lib/libcrypto/rsa/rsa_crpt.c
index b057dd2201..cf7f9a328b 100644
--- a/src/lib/libcrypto/rsa/rsa_crpt.c
+++ b/src/lib/libcrypto/rsa/rsa_crpt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_crpt.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: rsa_crpt.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -145,10 +145,11 @@ rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q,
145 return NULL; 145 return NULL;
146 146
147 BN_CTX_start(ctx); 147 BN_CTX_start(ctx);
148 r0 = BN_CTX_get(ctx); 148 if ((r0 = BN_CTX_get(ctx)) == NULL)
149 r1 = BN_CTX_get(ctx); 149 goto err;
150 r2 = BN_CTX_get(ctx); 150 if ((r1 = BN_CTX_get(ctx)) == NULL)
151 if (r2 == NULL) 151 goto err;
152 if ((r2 = BN_CTX_get(ctx)) == NULL)
152 goto err; 153 goto err;
153 154
154 if (!BN_sub(r1, p, BN_value_one())) 155 if (!BN_sub(r1, p, BN_value_one()))
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
index f8031c87a2..0eb18cf3c7 100644
--- a/src/lib/libcrypto/rsa/rsa_eay.c
+++ b/src/lib/libcrypto/rsa/rsa_eay.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_eay.c,v 1.36 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: rsa_eay.c,v 1.37 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -181,7 +181,7 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
181 ret = BN_CTX_get(ctx); 181 ret = BN_CTX_get(ctx);
182 num = BN_num_bytes(rsa->n); 182 num = BN_num_bytes(rsa->n);
183 buf = malloc(num); 183 buf = malloc(num);
184 if (!f || !ret || !buf) { 184 if (f == NULL || ret == NULL || buf == NULL) {
185 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE); 185 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE);
186 goto err; 186 goto err;
187 } 187 }
@@ -366,7 +366,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
366 ret = BN_CTX_get(ctx); 366 ret = BN_CTX_get(ctx);
367 num = BN_num_bytes(rsa->n); 367 num = BN_num_bytes(rsa->n);
368 buf = malloc(num); 368 buf = malloc(num);
369 if (!f || !ret || !buf) { 369 if (f == NULL || ret == NULL || buf == NULL) {
370 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE); 370 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE);
371 goto err; 371 goto err;
372 } 372 }
diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c
index a3b9da4856..f6f051c442 100644
--- a/src/lib/libcrypto/rsa/rsa_gen.c
+++ b/src/lib/libcrypto/rsa/rsa_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_gen.c,v 1.16 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: rsa_gen.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -99,11 +99,13 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
99 if (ctx == NULL) 99 if (ctx == NULL)
100 goto err; 100 goto err;
101 BN_CTX_start(ctx); 101 BN_CTX_start(ctx);
102 r0 = BN_CTX_get(ctx); 102 if ((r0 = BN_CTX_get(ctx)) == NULL)
103 r1 = BN_CTX_get(ctx); 103 goto err;
104 r2 = BN_CTX_get(ctx); 104 if ((r1 = BN_CTX_get(ctx)) == NULL)
105 r3 = BN_CTX_get(ctx); 105 goto err;
106 if (r3 == NULL) 106 if ((r2 = BN_CTX_get(ctx)) == NULL)
107 goto err;
108 if ((r3 = BN_CTX_get(ctx)) == NULL)
107 goto err; 109 goto err;
108 110
109 bitsp = (bits + 1) / 2; 111 bitsp = (bits + 1) / 2;
diff --git a/src/lib/libssl/src/crypto/bn/bn_div.c b/src/lib/libssl/src/crypto/bn/bn_div.c
index f4deccf77f..fefc53f9fa 100644
--- a/src/lib/libssl/src/crypto/bn/bn_div.c
+++ b/src/lib/libssl/src/crypto/bn/bn_div.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_div.c,v 1.22 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: bn_div.c,v 1.23 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -170,7 +170,7 @@ BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
170 res = BN_CTX_get(ctx); 170 res = BN_CTX_get(ctx);
171 else 171 else
172 res = dv; 172 res = dv;
173 if (sdiv == NULL || res == NULL || tmp == NULL || snum == NULL) 173 if (tmp == NULL || snum == NULL || sdiv == NULL || res == NULL)
174 goto err; 174 goto err;
175 175
176 /* First we normalise the numbers */ 176 /* First we normalise the numbers */
diff --git a/src/lib/libssl/src/crypto/bn/bn_exp.c b/src/lib/libssl/src/crypto/bn/bn_exp.c
index 1aa5503dae..eecab5163b 100644
--- a/src/lib/libssl/src/crypto/bn/bn_exp.c
+++ b/src/lib/libssl/src/crypto/bn/bn_exp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_exp.c,v 1.19 2014/07/11 15:01:49 miod Exp $ */ 1/* $OpenBSD: bn_exp.c,v 1.20 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -272,9 +272,9 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
272 } 272 }
273 273
274 BN_CTX_start(ctx); 274 BN_CTX_start(ctx);
275 aa = BN_CTX_get(ctx); 275 if ((aa = BN_CTX_get(ctx)) == NULL)
276 val[0] = BN_CTX_get(ctx); 276 goto err;
277 if (!aa || !val[0]) 277 if ((val[0] = BN_CTX_get(ctx)) == NULL)
278 goto err; 278 goto err;
279 279
280 BN_RECP_CTX_init(&recp); 280 BN_RECP_CTX_init(&recp);
@@ -408,10 +408,11 @@ BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
408 } 408 }
409 409
410 BN_CTX_start(ctx); 410 BN_CTX_start(ctx);
411 d = BN_CTX_get(ctx); 411 if ((d = BN_CTX_get(ctx)) == NULL)
412 r = BN_CTX_get(ctx); 412 goto err;
413 val[0] = BN_CTX_get(ctx); 413 if ((r = BN_CTX_get(ctx)) == NULL)
414 if (!d || !r || !val[0]) 414 goto err;
415 if ((val[0] = BN_CTX_get(ctx)) == NULL)
415 goto err; 416 goto err;
416 417
417 /* If this is not done, things will break in the montgomery 418 /* If this is not done, things will break in the montgomery
@@ -885,10 +886,11 @@ BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, const BIGNUM *m,
885 } 886 }
886 887
887 BN_CTX_start(ctx); 888 BN_CTX_start(ctx);
888 d = BN_CTX_get(ctx); 889 if ((d = BN_CTX_get(ctx)) == NULL)
889 r = BN_CTX_get(ctx); 890 goto err;
890 t = BN_CTX_get(ctx); 891 if ((r = BN_CTX_get(ctx)) == NULL)
891 if (d == NULL || r == NULL || t == NULL) 892 goto err;
893 if ((t = BN_CTX_get(ctx)) == NULL)
892 goto err; 894 goto err;
893 895
894 if (in_mont != NULL) 896 if (in_mont != NULL)
@@ -1003,9 +1005,9 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
1003 } 1005 }
1004 1006
1005 BN_CTX_start(ctx); 1007 BN_CTX_start(ctx);
1006 d = BN_CTX_get(ctx); 1008 if ((d = BN_CTX_get(ctx)) == NULL)
1007 val[0] = BN_CTX_get(ctx); 1009 goto err;
1008 if (!d || !val[0]) 1010 if ((val[0] = BN_CTX_get(ctx)) == NULL)
1009 goto err; 1011 goto err;
1010 1012
1011 if (!BN_nnmod(val[0],a,m,ctx)) 1013 if (!BN_nnmod(val[0],a,m,ctx))
diff --git a/src/lib/libssl/src/crypto/bn/bn_exp2.c b/src/lib/libssl/src/crypto/bn/bn_exp2.c
index c8f0294f7a..38bf467a38 100644
--- a/src/lib/libssl/src/crypto/bn/bn_exp2.c
+++ b/src/lib/libssl/src/crypto/bn/bn_exp2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_exp2.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: bn_exp2.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -150,11 +150,13 @@ BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
150 bits = (bits1 > bits2) ? bits1 : bits2; 150 bits = (bits1 > bits2) ? bits1 : bits2;
151 151
152 BN_CTX_start(ctx); 152 BN_CTX_start(ctx);
153 d = BN_CTX_get(ctx); 153 if ((d = BN_CTX_get(ctx)) == NULL)
154 r = BN_CTX_get(ctx); 154 goto err;
155 val1[0] = BN_CTX_get(ctx); 155 if ((r = BN_CTX_get(ctx)) == NULL)
156 val2[0] = BN_CTX_get(ctx); 156 goto err;
157 if (!d || !r || !val1[0] || !val2[0]) 157 if ((val1[0] = BN_CTX_get(ctx)) == NULL)
158 goto err;
159 if ((val2[0] = BN_CTX_get(ctx)) == NULL)
158 goto err; 160 goto err;
159 161
160 if (in_mont != NULL) 162 if (in_mont != NULL)
diff --git a/src/lib/libssl/src/crypto/bn/bn_gcd.c b/src/lib/libssl/src/crypto/bn/bn_gcd.c
index 379bea99ad..da9c29a8e5 100644
--- a/src/lib/libssl/src/crypto/bn/bn_gcd.c
+++ b/src/lib/libssl/src/crypto/bn/bn_gcd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_gcd.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: bn_gcd.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -125,9 +125,9 @@ BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
125 bn_check_top(in_b); 125 bn_check_top(in_b);
126 126
127 BN_CTX_start(ctx); 127 BN_CTX_start(ctx);
128 a = BN_CTX_get(ctx); 128 if ((a = BN_CTX_get(ctx)) == NULL)
129 b = BN_CTX_get(ctx); 129 goto err;
130 if (a == NULL || b == NULL) 130 if ((b = BN_CTX_get(ctx)) == NULL)
131 goto err; 131 goto err;
132 132
133 if (BN_copy(a, in_a) == NULL) 133 if (BN_copy(a, in_a) == NULL)
@@ -247,14 +247,19 @@ BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
247 bn_check_top(n); 247 bn_check_top(n);
248 248
249 BN_CTX_start(ctx); 249 BN_CTX_start(ctx);
250 A = BN_CTX_get(ctx); 250 if ((A = BN_CTX_get(ctx)) == NULL)
251 B = BN_CTX_get(ctx); 251 goto err;
252 X = BN_CTX_get(ctx); 252 if ((B = BN_CTX_get(ctx)) == NULL)
253 D = BN_CTX_get(ctx); 253 goto err;
254 M = BN_CTX_get(ctx); 254 if ((X = BN_CTX_get(ctx)) == NULL)
255 Y = BN_CTX_get(ctx); 255 goto err;
256 T = BN_CTX_get(ctx); 256 if ((D = BN_CTX_get(ctx)) == NULL)
257 if (T == NULL) 257 goto err;
258 if ((M = BN_CTX_get(ctx)) == NULL)
259 goto err;
260 if ((Y = BN_CTX_get(ctx)) == NULL)
261 goto err;
262 if ((T = BN_CTX_get(ctx)) == NULL)
258 goto err; 263 goto err;
259 264
260 if (in == NULL) 265 if (in == NULL)
@@ -537,14 +542,19 @@ BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n,
537 bn_check_top(n); 542 bn_check_top(n);
538 543
539 BN_CTX_start(ctx); 544 BN_CTX_start(ctx);
540 A = BN_CTX_get(ctx); 545 if ((A = BN_CTX_get(ctx)) == NULL)
541 B = BN_CTX_get(ctx); 546 goto err;
542 X = BN_CTX_get(ctx); 547 if ((B = BN_CTX_get(ctx)) == NULL)
543 D = BN_CTX_get(ctx); 548 goto err;
544 M = BN_CTX_get(ctx); 549 if ((X = BN_CTX_get(ctx)) == NULL)
545 Y = BN_CTX_get(ctx); 550 goto err;
546 T = BN_CTX_get(ctx); 551 if ((D = BN_CTX_get(ctx)) == NULL)
547 if (T == NULL) 552 goto err;
553 if ((M = BN_CTX_get(ctx)) == NULL)
554 goto err;
555 if ((Y = BN_CTX_get(ctx)) == NULL)
556 goto err;
557 if ((T = BN_CTX_get(ctx)) == NULL)
548 goto err; 558 goto err;
549 559
550 if (in == NULL) 560 if (in == NULL)
diff --git a/src/lib/libssl/src/crypto/bn/bn_gf2m.c b/src/lib/libssl/src/crypto/bn/bn_gf2m.c
index 1cd38c7797..4544369248 100644
--- a/src/lib/libssl/src/crypto/bn/bn_gf2m.c
+++ b/src/lib/libssl/src/crypto/bn/bn_gf2m.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_gf2m.c,v 1.16 2014/10/28 07:35:58 jsg Exp $ */ 1/* $OpenBSD: bn_gf2m.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -840,8 +840,7 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p,
840 bn_check_top(p); 840 bn_check_top(p);
841 841
842 BN_CTX_start(ctx); 842 BN_CTX_start(ctx);
843 xinv = BN_CTX_get(ctx); 843 if ((xinv = BN_CTX_get(ctx)) == NULL)
844 if (xinv == NULL)
845 goto err; 844 goto err;
846 845
847 if (!BN_GF2m_mod_inv(xinv, x, p, ctx)) 846 if (!BN_GF2m_mod_inv(xinv, x, p, ctx))
@@ -875,11 +874,13 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p,
875 874
876 BN_CTX_start(ctx); 875 BN_CTX_start(ctx);
877 876
878 a = BN_CTX_get(ctx); 877 if ((a = BN_CTX_get(ctx)) == NULL)
879 b = BN_CTX_get(ctx); 878 goto err;
880 u = BN_CTX_get(ctx); 879 if ((b = BN_CTX_get(ctx)) == NULL)
881 v = BN_CTX_get(ctx); 880 goto err;
882 if (v == NULL) 881 if ((u = BN_CTX_get(ctx)) == NULL)
882 goto err;
883 if ((v = BN_CTX_get(ctx)) == NULL)
883 goto err; 884 goto err;
884 885
885 /* reduce x and y mod p */ 886 /* reduce x and y mod p */
@@ -1137,10 +1138,11 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
1137 } 1138 }
1138 1139
1139 BN_CTX_start(ctx); 1140 BN_CTX_start(ctx);
1140 a = BN_CTX_get(ctx); 1141 if ((a = BN_CTX_get(ctx)) == NULL)
1141 z = BN_CTX_get(ctx); 1142 goto err;
1142 w = BN_CTX_get(ctx); 1143 if ((z = BN_CTX_get(ctx)) == NULL)
1143 if (w == NULL) 1144 goto err;
1145 if ((w = BN_CTX_get(ctx)) == NULL)
1144 goto err; 1146 goto err;
1145 1147
1146 if (!BN_GF2m_mod_arr(a, a_, p)) 1148 if (!BN_GF2m_mod_arr(a, a_, p))
@@ -1169,10 +1171,11 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
1169 } 1171 }
1170 else /* m is even */ 1172 else /* m is even */
1171 { 1173 {
1172 rho = BN_CTX_get(ctx); 1174 if ((rho = BN_CTX_get(ctx)) == NULL)
1173 w2 = BN_CTX_get(ctx); 1175 goto err;
1174 tmp = BN_CTX_get(ctx); 1176 if ((w2 = BN_CTX_get(ctx)) == NULL)
1175 if (tmp == NULL) 1177 goto err;
1178 if ((tmp = BN_CTX_get(ctx)) == NULL)
1176 goto err; 1179 goto err;
1177 do { 1180 do {
1178 if (!BN_rand(rho, p[0], 0, 0)) 1181 if (!BN_rand(rho, p[0], 0, 0))
diff --git a/src/lib/libssl/src/crypto/bn/bn_kron.c b/src/lib/libssl/src/crypto/bn/bn_kron.c
index 699cda55f0..274da5d186 100644
--- a/src/lib/libssl/src/crypto/bn/bn_kron.c
+++ b/src/lib/libssl/src/crypto/bn/bn_kron.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_kron.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_kron.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -79,9 +79,9 @@ BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
79 bn_check_top(b); 79 bn_check_top(b);
80 80
81 BN_CTX_start(ctx); 81 BN_CTX_start(ctx);
82 A = BN_CTX_get(ctx); 82 if ((A = BN_CTX_get(ctx)) == NULL)
83 B = BN_CTX_get(ctx); 83 goto end;
84 if (B == NULL) 84 if ((B = BN_CTX_get(ctx)) == NULL)
85 goto end; 85 goto end;
86 86
87 err = !BN_copy(A, a); 87 err = !BN_copy(A, a);
diff --git a/src/lib/libssl/src/crypto/bn/bn_mont.c b/src/lib/libssl/src/crypto/bn/bn_mont.c
index 5803ca493d..3eb9913a9e 100644
--- a/src/lib/libssl/src/crypto/bn/bn_mont.c
+++ b/src/lib/libssl/src/crypto/bn/bn_mont.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_mont.c,v 1.23 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_mont.c,v 1.24 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -149,8 +149,7 @@ BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
149#endif 149#endif
150 150
151 BN_CTX_start(ctx); 151 BN_CTX_start(ctx);
152 tmp = BN_CTX_get(ctx); 152 if ((tmp = BN_CTX_get(ctx)) == NULL)
153 if (tmp == NULL)
154 goto err; 153 goto err;
155 154
156 bn_check_top(tmp); 155 bn_check_top(tmp);
@@ -288,9 +287,9 @@ BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx)
288 BIGNUM *t1, *t2; 287 BIGNUM *t1, *t2;
289 288
290 BN_CTX_start(ctx); 289 BN_CTX_start(ctx);
291 t1 = BN_CTX_get(ctx); 290 if ((t1 = BN_CTX_get(ctx)) == NULL)
292 t2 = BN_CTX_get(ctx); 291 goto err;
293 if (t1 == NULL || t2 == NULL) 292 if ((t2 = BN_CTX_get(ctx)) == NULL)
294 goto err; 293 goto err;
295 294
296 if (!BN_copy(t1, a)) 295 if (!BN_copy(t1, a))
diff --git a/src/lib/libssl/src/crypto/bn/bn_mul.c b/src/lib/libssl/src/crypto/bn/bn_mul.c
index daba02d6ca..7794d59707 100644
--- a/src/lib/libssl/src/crypto/bn/bn_mul.c
+++ b/src/lib/libssl/src/crypto/bn/bn_mul.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_mul.c,v 1.19 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_mul.c,v 1.20 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1012,8 +1012,7 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
1012 j = 1 << (j - 1); 1012 j = 1 << (j - 1);
1013 assert(j <= al || j <= bl); 1013 assert(j <= al || j <= bl);
1014 k = j + j; 1014 k = j + j;
1015 t = BN_CTX_get(ctx); 1015 if ((t = BN_CTX_get(ctx)) == NULL)
1016 if (t == NULL)
1017 goto err; 1016 goto err;
1018 if (al > j || bl > j) { 1017 if (al > j || bl > j) {
1019 if (bn_wexpand(t, k * 4) == NULL) 1018 if (bn_wexpand(t, k * 4) == NULL)
@@ -1057,7 +1056,8 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
1057 j = BN_num_bits_word((BN_ULONG)al); 1056 j = BN_num_bits_word((BN_ULONG)al);
1058 j = 1 << (j - 1); 1057 j = 1 << (j - 1);
1059 k = j + j; 1058 k = j + j;
1060 t = BN_CTX_get(ctx); 1059 if ((t = BN_CTX_get(ctx)) == NULL)
1060 goto err;
1061 if (al == j) /* exact multiple */ 1061 if (al == j) /* exact multiple */
1062 { 1062 {
1063 if (bn_wexpand(t, k * 2) == NULL) 1063 if (bn_wexpand(t, k * 2) == NULL)
diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.c b/src/lib/libssl/src/crypto/bn/bn_prime.c
index e5cd315e47..02780d32e6 100644
--- a/src/lib/libssl/src/crypto/bn/bn_prime.c
+++ b/src/lib/libssl/src/crypto/bn/bn_prime.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_prime.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: bn_prime.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -170,8 +170,7 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
170 if (ctx == NULL) 170 if (ctx == NULL)
171 goto err; 171 goto err;
172 BN_CTX_start(ctx); 172 BN_CTX_start(ctx);
173 t = BN_CTX_get(ctx); 173 if ((t = BN_CTX_get(ctx)) == NULL)
174 if (!t)
175 goto err; 174 goto err;
176loop: 175loop:
177 /* make a random number and set the top and bottom bits */ 176 /* make a random number and set the top and bottom bits */
@@ -287,10 +286,11 @@ BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
287 A = t; 286 A = t;
288 } else 287 } else
289 A = a; 288 A = a;
290 A1 = BN_CTX_get(ctx); 289 if ((A1 = BN_CTX_get(ctx)) == NULL)
291 A1_odd = BN_CTX_get(ctx); 290 goto err;
292 check = BN_CTX_get(ctx); 291 if ((A1_odd = BN_CTX_get(ctx)) == NULL)
293 if (check == NULL) 292 goto err;
293 if ((check = BN_CTX_get(ctx)) == NULL)
294 goto err; 294 goto err;
295 295
296 /* compute A1 := A - 1 */ 296 /* compute A1 := A - 1 */
@@ -461,10 +461,11 @@ probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
461 461
462 bits--; 462 bits--;
463 BN_CTX_start(ctx); 463 BN_CTX_start(ctx);
464 t1 = BN_CTX_get(ctx); 464 if ((t1 = BN_CTX_get(ctx)) == NULL)
465 q = BN_CTX_get(ctx); 465 goto err;
466 qadd = BN_CTX_get(ctx); 466 if ((q = BN_CTX_get(ctx)) == NULL)
467 if (qadd == NULL) 467 goto err;
468 if ((qadd = BN_CTX_get(ctx)) == NULL)
468 goto err; 469 goto err;
469 470
470 if (!BN_rshift1(qadd, padd)) 471 if (!BN_rshift1(qadd, padd))
diff --git a/src/lib/libssl/src/crypto/bn/bn_sqr.c b/src/lib/libssl/src/crypto/bn/bn_sqr.c
index 5ea9fb083d..a0dce6ea81 100644
--- a/src/lib/libssl/src/crypto/bn/bn_sqr.c
+++ b/src/lib/libssl/src/crypto/bn/bn_sqr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_sqr.c,v 1.11 2014/07/11 13:26:31 miod Exp $ */ 1/* $OpenBSD: bn_sqr.c,v 1.12 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -85,7 +85,7 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
85 BN_CTX_start(ctx); 85 BN_CTX_start(ctx);
86 rr = (a != r) ? r : BN_CTX_get(ctx); 86 rr = (a != r) ? r : BN_CTX_get(ctx);
87 tmp = BN_CTX_get(ctx); 87 tmp = BN_CTX_get(ctx);
88 if (!rr || !tmp) 88 if (rr == NULL || tmp == NULL)
89 goto err; 89 goto err;
90 90
91 max = 2 * al; /* Non-zero (from above) */ 91 max = 2 * al; /* Non-zero (from above) */
diff --git a/src/lib/libssl/src/crypto/bn/bn_sqrt.c b/src/lib/libssl/src/crypto/bn/bn_sqrt.c
index 9a59d56b3f..f94fa41094 100644
--- a/src/lib/libssl/src/crypto/bn/bn_sqrt.c
+++ b/src/lib/libssl/src/crypto/bn/bn_sqrt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_sqrt.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_sqrt.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */
2/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * and Bodo Moeller for the OpenSSL project. */ 3 * and Bodo Moeller for the OpenSSL project. */
4/* ==================================================================== 4/* ====================================================================
@@ -108,13 +108,17 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
108 } 108 }
109 109
110 BN_CTX_start(ctx); 110 BN_CTX_start(ctx);
111 A = BN_CTX_get(ctx); 111 if ((A = BN_CTX_get(ctx)) == NULL)
112 b = BN_CTX_get(ctx); 112 goto end;
113 q = BN_CTX_get(ctx); 113 if ((b = BN_CTX_get(ctx)) == NULL)
114 t = BN_CTX_get(ctx); 114 goto end;
115 x = BN_CTX_get(ctx); 115 if ((q = BN_CTX_get(ctx)) == NULL)
116 y = BN_CTX_get(ctx); 116 goto end;
117 if (y == NULL) 117 if ((t = BN_CTX_get(ctx)) == NULL)
118 goto end;
119 if ((x = BN_CTX_get(ctx)) == NULL)
120 goto end;
121 if ((y = BN_CTX_get(ctx)) == NULL)
118 goto end; 122 goto end;
119 123
120 if (ret == NULL) 124 if (ret == NULL)
diff --git a/src/lib/libssl/src/crypto/bn/bn_x931p.c b/src/lib/libssl/src/crypto/bn/bn_x931p.c
index fc8d4c3c49..89c86c1ff7 100644
--- a/src/lib/libssl/src/crypto/bn/bn_x931p.c
+++ b/src/lib/libssl/src/crypto/bn/bn_x931p.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_x931p.c,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: bn_x931p.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2005. 3 * project 2005.
4 */ 4 */
@@ -107,17 +107,21 @@ BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, const BIGNUM *Xp,
107 return 0; 107 return 0;
108 108
109 BN_CTX_start(ctx); 109 BN_CTX_start(ctx);
110 if (!p1) 110 if (p1 != NULL) {
111 p1 = BN_CTX_get(ctx); 111 if ((p1 = BN_CTX_get(ctx)) == NULL)
112 112 goto err;
113 if (!p2) 113 }
114 p2 = BN_CTX_get(ctx); 114 if (p2 != NULL) {
115 115 if ((p2 = BN_CTX_get(ctx)) == NULL)
116 t = BN_CTX_get(ctx); 116 goto err;
117 117 }
118 p1p2 = BN_CTX_get(ctx);
119 118
120 pm1 = BN_CTX_get(ctx); 119 if ((t = BN_CTX_get(ctx)) == NULL)
120 goto err;
121 if ((p1p2 = BN_CTX_get(ctx)) == NULL)
122 goto err;
123 if ((pm1 = BN_CTX_get(ctx)) == NULL)
124 goto err;
121 125
122 if (!bn_x931_derive_pi(p1, Xp1, ctx, cb)) 126 if (!bn_x931_derive_pi(p1, Xp1, ctx, cb))
123 goto err; 127 goto err;
@@ -213,7 +217,8 @@ BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
213 return 0; 217 return 0;
214 218
215 BN_CTX_start(ctx); 219 BN_CTX_start(ctx);
216 t = BN_CTX_get(ctx); 220 if ((t = BN_CTX_get(ctx)) == NULL)
221 return 0;
217 222
218 for (i = 0; i < 1000; i++) { 223 for (i = 0; i < 1000; i++) {
219 if (!BN_rand(Xq, nbits, 1, 0)) 224 if (!BN_rand(Xq, nbits, 1, 0))
@@ -247,10 +252,14 @@ BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
247 int ret = 0; 252 int ret = 0;
248 253
249 BN_CTX_start(ctx); 254 BN_CTX_start(ctx);
250 if (!Xp1) 255 if (Xp1 != NULL) {
251 Xp1 = BN_CTX_get(ctx); 256 if ((Xp1 = BN_CTX_get(ctx)) == NULL)
252 if (!Xp2) 257 goto error;
253 Xp2 = BN_CTX_get(ctx); 258 }
259 if (Xp2 != NULL) {
260 if ((Xp2 = BN_CTX_get(ctx)) == NULL)
261 goto error;
262 }
254 263
255 if (!BN_rand(Xp1, 101, 0, 0)) 264 if (!BN_rand(Xp1, 101, 0, 0))
256 goto error; 265 goto error;
diff --git a/src/lib/libssl/src/crypto/dh/dh_gen.c b/src/lib/libssl/src/crypto/dh/dh_gen.c
index 1bc37b987e..de566802d3 100644
--- a/src/lib/libssl/src/crypto/dh/dh_gen.c
+++ b/src/lib/libssl/src/crypto/dh/dh_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_gen.c,v 1.14 2015/02/07 13:19:15 doug Exp $ */ 1/* $OpenBSD: dh_gen.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -115,9 +115,9 @@ dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb)
115 if (ctx == NULL) 115 if (ctx == NULL)
116 goto err; 116 goto err;
117 BN_CTX_start(ctx); 117 BN_CTX_start(ctx);
118 t1 = BN_CTX_get(ctx); 118 if ((t1 = BN_CTX_get(ctx)) == NULL)
119 t2 = BN_CTX_get(ctx); 119 goto err;
120 if (t1 == NULL || t2 == NULL) 120 if ((t2 = BN_CTX_get(ctx)) == NULL)
121 goto err; 121 goto err;
122 122
123 /* Make sure 'ret' has the necessary elements */ 123 /* Make sure 'ret' has the necessary elements */
diff --git a/src/lib/libssl/src/crypto/dh/dh_key.c b/src/lib/libssl/src/crypto/dh/dh_key.c
index b8352149e2..31bc7b3dfd 100644
--- a/src/lib/libssl/src/crypto/dh/dh_key.c
+++ b/src/lib/libssl/src/crypto/dh/dh_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_key.c,v 1.22 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: dh_key.c,v 1.23 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -195,7 +195,8 @@ compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
195 if (ctx == NULL) 195 if (ctx == NULL)
196 goto err; 196 goto err;
197 BN_CTX_start(ctx); 197 BN_CTX_start(ctx);
198 tmp = BN_CTX_get(ctx); 198 if ((tmp = BN_CTX_get(ctx)) == NULL)
199 goto err;
199 200
200 if (dh->priv_key == NULL) { 201 if (dh->priv_key == NULL) {
201 DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE); 202 DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE);
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_gen.c b/src/lib/libssl/src/crypto/dsa/dsa_gen.c
index 296a544c31..dcfa957884 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_gen.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_gen.c,v 1.17 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: dsa_gen.c,v 1.18 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -148,14 +148,22 @@ dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, const EVP_MD *evpmd,
148 goto err; 148 goto err;
149 149
150 BN_CTX_start(ctx); 150 BN_CTX_start(ctx);
151 r0 = BN_CTX_get(ctx); 151 if ((r0 = BN_CTX_get(ctx)) == NULL)
152 g = BN_CTX_get(ctx); 152 goto err;
153 W = BN_CTX_get(ctx); 153 if ((g = BN_CTX_get(ctx)) == NULL)
154 q = BN_CTX_get(ctx); 154 goto err;
155 X = BN_CTX_get(ctx); 155 if ((W = BN_CTX_get(ctx)) == NULL)
156 c = BN_CTX_get(ctx); 156 goto err;
157 p = BN_CTX_get(ctx); 157 if ((q = BN_CTX_get(ctx)) == NULL)
158 test = BN_CTX_get(ctx); 158 goto err;
159 if ((X = BN_CTX_get(ctx)) == NULL)
160 goto err;
161 if ((c = BN_CTX_get(ctx)) == NULL)
162 goto err;
163 if ((p = BN_CTX_get(ctx)) == NULL)
164 goto err;
165 if ((test = BN_CTX_get(ctx)) == NULL)
166 goto err;
159 167
160 if (!BN_lshift(test, BN_value_one(), bits - 1)) 168 if (!BN_lshift(test, BN_value_one(), bits - 1))
161 goto err; 169 goto err;
diff --git a/src/lib/libssl/src/crypto/ec/ec2_mult.c b/src/lib/libssl/src/crypto/ec/ec2_mult.c
index dd113907be..8f0091efe1 100644
--- a/src/lib/libssl/src/crypto/ec/ec2_mult.c
+++ b/src/lib/libssl/src/crypto/ec/ec2_mult.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_mult.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ec2_mult.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -91,8 +91,7 @@ gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx)
91 91
92 /* Since Mdouble is static we can guarantee that ctx != NULL. */ 92 /* Since Mdouble is static we can guarantee that ctx != NULL. */
93 BN_CTX_start(ctx); 93 BN_CTX_start(ctx);
94 t1 = BN_CTX_get(ctx); 94 if ((t1 = BN_CTX_get(ctx)) == NULL)
95 if (t1 == NULL)
96 goto err; 95 goto err;
97 96
98 if (!group->meth->field_sqr(group, x, x, ctx)) 97 if (!group->meth->field_sqr(group, x, x, ctx))
@@ -132,9 +131,9 @@ gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM *z1,
132 131
133 /* Since Madd is static we can guarantee that ctx != NULL. */ 132 /* Since Madd is static we can guarantee that ctx != NULL. */
134 BN_CTX_start(ctx); 133 BN_CTX_start(ctx);
135 t1 = BN_CTX_get(ctx); 134 if ((t1 = BN_CTX_get(ctx)) == NULL)
136 t2 = BN_CTX_get(ctx); 135 goto err;
137 if (t2 == NULL) 136 if ((t2 = BN_CTX_get(ctx)) == NULL)
138 goto err; 137 goto err;
139 138
140 if (!BN_copy(t1, x)) 139 if (!BN_copy(t1, x))
@@ -191,10 +190,11 @@ gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIGNUM *x1,
191 } 190 }
192 /* Since Mxy is static we can guarantee that ctx != NULL. */ 191 /* Since Mxy is static we can guarantee that ctx != NULL. */
193 BN_CTX_start(ctx); 192 BN_CTX_start(ctx);
194 t3 = BN_CTX_get(ctx); 193 if ((t3 = BN_CTX_get(ctx)) == NULL)
195 t4 = BN_CTX_get(ctx); 194 goto err;
196 t5 = BN_CTX_get(ctx); 195 if ((t4 = BN_CTX_get(ctx)) == NULL)
197 if (t5 == NULL) 196 goto err;
197 if ((t5 = BN_CTX_get(ctx)) == NULL)
198 goto err; 198 goto err;
199 199
200 if (!BN_one(t5)) 200 if (!BN_one(t5))
@@ -281,9 +281,9 @@ ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
281 281
282 /* Since point_multiply is static we can guarantee that ctx != NULL. */ 282 /* Since point_multiply is static we can guarantee that ctx != NULL. */
283 BN_CTX_start(ctx); 283 BN_CTX_start(ctx);
284 x1 = BN_CTX_get(ctx); 284 if ((x1 = BN_CTX_get(ctx)) == NULL)
285 z1 = BN_CTX_get(ctx); 285 goto err;
286 if (z1 == NULL) 286 if ((z1 = BN_CTX_get(ctx)) == NULL)
287 goto err; 287 goto err;
288 288
289 x2 = &r->X; 289 x2 = &r->X;
diff --git a/src/lib/libssl/src/crypto/ec/ec2_oct.c b/src/lib/libssl/src/crypto/ec/ec2_oct.c
index c45d9c2219..72690b1bc7 100644
--- a/src/lib/libssl/src/crypto/ec/ec2_oct.c
+++ b/src/lib/libssl/src/crypto/ec/ec2_oct.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ec2_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -109,11 +109,13 @@ ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point
109 y_bit = (y_bit != 0) ? 1 : 0; 109 y_bit = (y_bit != 0) ? 1 : 0;
110 110
111 BN_CTX_start(ctx); 111 BN_CTX_start(ctx);
112 tmp = BN_CTX_get(ctx); 112 if ((tmp = BN_CTX_get(ctx)) == NULL)
113 x = BN_CTX_get(ctx); 113 goto err;
114 y = BN_CTX_get(ctx); 114 if ((x = BN_CTX_get(ctx)) == NULL)
115 z = BN_CTX_get(ctx); 115 goto err;
116 if (z == NULL) 116 if ((y = BN_CTX_get(ctx)) == NULL)
117 goto err;
118 if ((z = BN_CTX_get(ctx)) == NULL)
117 goto err; 119 goto err;
118 120
119 if (!BN_GF2m_mod_arr(x, x_, group->poly)) 121 if (!BN_GF2m_mod_arr(x, x_, group->poly))
@@ -212,10 +214,11 @@ ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
212 } 214 }
213 BN_CTX_start(ctx); 215 BN_CTX_start(ctx);
214 used_ctx = 1; 216 used_ctx = 1;
215 x = BN_CTX_get(ctx); 217 if ((x = BN_CTX_get(ctx)) == NULL)
216 y = BN_CTX_get(ctx); 218 goto err;
217 yxi = BN_CTX_get(ctx); 219 if ((y = BN_CTX_get(ctx)) == NULL)
218 if (yxi == NULL) 220 goto err;
221 if ((yxi = BN_CTX_get(ctx)) == NULL)
219 goto err; 222 goto err;
220 223
221 if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) 224 if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
@@ -329,10 +332,11 @@ ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
329 return 0; 332 return 0;
330 } 333 }
331 BN_CTX_start(ctx); 334 BN_CTX_start(ctx);
332 x = BN_CTX_get(ctx); 335 if ((x = BN_CTX_get(ctx)) == NULL)
333 y = BN_CTX_get(ctx); 336 goto err;
334 yxi = BN_CTX_get(ctx); 337 if ((y = BN_CTX_get(ctx)) == NULL)
335 if (yxi == NULL) 338 goto err;
339 if ((yxi = BN_CTX_get(ctx)) == NULL)
336 goto err; 340 goto err;
337 341
338 if (!BN_bin2bn(buf + 1, field_len, x)) 342 if (!BN_bin2bn(buf + 1, field_len, x))
diff --git a/src/lib/libssl/src/crypto/ec/ec2_smpl.c b/src/lib/libssl/src/crypto/ec/ec2_smpl.c
index b9c066c5c1..43f0afd5ae 100644
--- a/src/lib/libssl/src/crypto/ec/ec2_smpl.c
+++ b/src/lib/libssl/src/crypto/ec/ec2_smpl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_smpl.c,v 1.13 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ec2_smpl.c,v 1.14 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -291,8 +291,7 @@ ec_GF2m_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx)
291 } 291 }
292 } 292 }
293 BN_CTX_start(ctx); 293 BN_CTX_start(ctx);
294 b = BN_CTX_get(ctx); 294 if ((b = BN_CTX_get(ctx)) == NULL)
295 if (b == NULL)
296 goto err; 295 goto err;
297 296
298 if (!BN_GF2m_mod_arr(b, &group->b, group->poly)) 297 if (!BN_GF2m_mod_arr(b, &group->b, group->poly))
@@ -464,15 +463,21 @@ ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
464 return 0; 463 return 0;
465 } 464 }
466 BN_CTX_start(ctx); 465 BN_CTX_start(ctx);
467 x0 = BN_CTX_get(ctx); 466 if ((x0 = BN_CTX_get(ctx)) == NULL)
468 y0 = BN_CTX_get(ctx); 467 goto err;
469 x1 = BN_CTX_get(ctx); 468 if ((y0 = BN_CTX_get(ctx)) == NULL)
470 y1 = BN_CTX_get(ctx); 469 goto err;
471 x2 = BN_CTX_get(ctx); 470 if ((x1 = BN_CTX_get(ctx)) == NULL)
472 y2 = BN_CTX_get(ctx); 471 goto err;
473 s = BN_CTX_get(ctx); 472 if ((y1 = BN_CTX_get(ctx)) == NULL)
474 t = BN_CTX_get(ctx); 473 goto err;
475 if (t == NULL) 474 if ((x2 = BN_CTX_get(ctx)) == NULL)
475 goto err;
476 if ((y2 = BN_CTX_get(ctx)) == NULL)
477 goto err;
478 if ((s = BN_CTX_get(ctx)) == NULL)
479 goto err;
480 if ((t = BN_CTX_get(ctx)) == NULL)
476 goto err; 481 goto err;
477 482
478 if (a->Z_is_one) { 483 if (a->Z_is_one) {
@@ -611,9 +616,9 @@ ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX
611 return -1; 616 return -1;
612 } 617 }
613 BN_CTX_start(ctx); 618 BN_CTX_start(ctx);
614 y2 = BN_CTX_get(ctx); 619 if ((y2 = BN_CTX_get(ctx)) == NULL)
615 lh = BN_CTX_get(ctx); 620 goto err;
616 if (lh == NULL) 621 if ((lh = BN_CTX_get(ctx)) == NULL)
617 goto err; 622 goto err;
618 623
619 /* 624 /*
@@ -651,7 +656,8 @@ err:
651 * 1 not equal 656 * 1 not equal
652 */ 657 */
653int 658int
654ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b, BN_CTX * ctx) 659ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
660 const EC_POINT *b, BN_CTX *ctx)
655{ 661{
656 BIGNUM *aX, *aY, *bX, *bY; 662 BIGNUM *aX, *aY, *bX, *bY;
657 BN_CTX *new_ctx = NULL; 663 BN_CTX *new_ctx = NULL;
@@ -672,11 +678,13 @@ ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT *
672 return -1; 678 return -1;
673 } 679 }
674 BN_CTX_start(ctx); 680 BN_CTX_start(ctx);
675 aX = BN_CTX_get(ctx); 681 if ((aX = BN_CTX_get(ctx)) == NULL)
676 aY = BN_CTX_get(ctx); 682 goto err;
677 bX = BN_CTX_get(ctx); 683 if ((aY = BN_CTX_get(ctx)) == NULL)
678 bY = BN_CTX_get(ctx); 684 goto err;
679 if (bY == NULL) 685 if ((bX = BN_CTX_get(ctx)) == NULL)
686 goto err;
687 if ((bY = BN_CTX_get(ctx)) == NULL)
680 goto err; 688 goto err;
681 689
682 if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx)) 690 if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx))
@@ -710,9 +718,9 @@ ec_GF2m_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ct
710 return 0; 718 return 0;
711 } 719 }
712 BN_CTX_start(ctx); 720 BN_CTX_start(ctx);
713 x = BN_CTX_get(ctx); 721 if ((x = BN_CTX_get(ctx)) == NULL)
714 y = BN_CTX_get(ctx); 722 goto err;
715 if (y == NULL) 723 if ((y = BN_CTX_get(ctx)) == NULL)
716 goto err; 724 goto err;
717 725
718 if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) 726 if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
diff --git a/src/lib/libssl/src/crypto/ec/ec_key.c b/src/lib/libssl/src/crypto/ec/ec_key.c
index f9904b4ee9..45192c3231 100644
--- a/src/lib/libssl/src/crypto/ec/ec_key.c
+++ b/src/lib/libssl/src/crypto/ec/ec_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_key.c,v 1.10 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ec_key.c,v 1.11 2015/02/09 15:49:22 jsing Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -359,8 +359,11 @@ EC_KEY_set_public_key_affine_coordinates(EC_KEY * key, BIGNUM * x, BIGNUM * y)
359 if (tmp_nid == NID_X9_62_characteristic_two_field) 359 if (tmp_nid == NID_X9_62_characteristic_two_field)
360 is_char_two = 1; 360 is_char_two = 1;
361 361
362 tx = BN_CTX_get(ctx); 362 if ((tx = BN_CTX_get(ctx)) == NULL)
363 ty = BN_CTX_get(ctx); 363 goto err;
364 if ((ty = BN_CTX_get(ctx)) == NULL)
365 goto err;
366
364#ifndef OPENSSL_NO_EC2M 367#ifndef OPENSSL_NO_EC2M
365 if (is_char_two) { 368 if (is_char_two) {
366 if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point, 369 if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point,
diff --git a/src/lib/libssl/src/crypto/ec/ec_lib.c b/src/lib/libssl/src/crypto/ec/ec_lib.c
index 47ccc614d1..8cf0f2241e 100644
--- a/src/lib/libssl/src/crypto/ec/ec_lib.c
+++ b/src/lib/libssl/src/crypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_lib.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */ 1/* $OpenBSD: ec_lib.c,v 1.16 2015/02/09 15:49:22 jsing Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller for the OpenSSL project. 3 * Originally written by Bodo Moeller for the OpenSSL project.
4 */ 4 */
@@ -497,18 +497,19 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx)
497 return -1; 497 return -1;
498 498
499 BN_CTX_start(ctx); 499 BN_CTX_start(ctx);
500 a1 = BN_CTX_get(ctx); 500 if ((a1 = BN_CTX_get(ctx)) == NULL)
501 a2 = BN_CTX_get(ctx); 501 goto err;
502 a3 = BN_CTX_get(ctx); 502 if ((a2 = BN_CTX_get(ctx)) == NULL)
503 b1 = BN_CTX_get(ctx); 503 goto err;
504 b2 = BN_CTX_get(ctx); 504 if ((a3 = BN_CTX_get(ctx)) == NULL)
505 b3 = BN_CTX_get(ctx); 505 goto err;
506 if (!b3) { 506 if ((b1 = BN_CTX_get(ctx)) == NULL)
507 BN_CTX_end(ctx); 507 goto err;
508 if (ctx_new) 508 if ((b2 = BN_CTX_get(ctx)) == NULL)
509 BN_CTX_free(ctx); 509 goto err;
510 return -1; 510 if ((b3 = BN_CTX_get(ctx)) == NULL)
511 } 511 goto err;
512
512 /* 513 /*
513 * XXX This approach assumes that the external representation of 514 * XXX This approach assumes that the external representation of
514 * curves over the same field type is the same. 515 * curves over the same field type is the same.
@@ -544,6 +545,12 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx)
544 BN_CTX_free(ctx); 545 BN_CTX_free(ctx);
545 546
546 return r; 547 return r;
548
549err:
550 BN_CTX_end(ctx);
551 if (ctx_new)
552 BN_CTX_free(ctx);
553 return -1;
547} 554}
548 555
549 556
diff --git a/src/lib/libssl/src/crypto/ec/ec_mult.c b/src/lib/libssl/src/crypto/ec/ec_mult.c
index 9e3aee13a2..e711413598 100644
--- a/src/lib/libssl/src/crypto/ec/ec_mult.c
+++ b/src/lib/libssl/src/crypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_mult.c,v 1.16 2015/02/07 13:19:15 doug Exp $ */ 1/* $OpenBSD: ec_mult.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. 3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -753,8 +753,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
753 goto err; 753 goto err;
754 } 754 }
755 BN_CTX_start(ctx); 755 BN_CTX_start(ctx);
756 order = BN_CTX_get(ctx); 756 if ((order = BN_CTX_get(ctx)) == NULL)
757 if (order == NULL)
758 goto err; 757 goto err;
759 758
760 if (!EC_GROUP_get_order(group, order, ctx)) 759 if (!EC_GROUP_get_order(group, order, ctx))
diff --git a/src/lib/libssl/src/crypto/ec/ecp_oct.c b/src/lib/libssl/src/crypto/ec/ecp_oct.c
index abc31e6382..994f0b08b1 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_oct.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_oct.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ecp_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */
2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * for the OpenSSL project. 3 * for the OpenSSL project.
4 * Includes code written by Bodo Moeller for the OpenSSL project. 4 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -67,8 +67,8 @@
67#include "ec_lcl.h" 67#include "ec_lcl.h"
68 68
69int 69int
70ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * point, 70ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group,
71 const BIGNUM * x_, int y_bit, BN_CTX * ctx) 71 EC_POINT * point, const BIGNUM * x_, int y_bit, BN_CTX * ctx)
72{ 72{
73 BN_CTX *new_ctx = NULL; 73 BN_CTX *new_ctx = NULL;
74 BIGNUM *tmp1, *tmp2, *x, *y; 74 BIGNUM *tmp1, *tmp2, *x, *y;
@@ -85,11 +85,13 @@ ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * poin
85 y_bit = (y_bit != 0); 85 y_bit = (y_bit != 0);
86 86
87 BN_CTX_start(ctx); 87 BN_CTX_start(ctx);
88 tmp1 = BN_CTX_get(ctx); 88 if ((tmp1 = BN_CTX_get(ctx)) == NULL)
89 tmp2 = BN_CTX_get(ctx); 89 goto err;
90 x = BN_CTX_get(ctx); 90 if ((tmp2 = BN_CTX_get(ctx)) == NULL)
91 y = BN_CTX_get(ctx); 91 goto err;
92 if (y == NULL) 92 if ((x = BN_CTX_get(ctx)) == NULL)
93 goto err;
94 if ((y = BN_CTX_get(ctx)) == NULL)
93 goto err; 95 goto err;
94 96
95 /* 97 /*
@@ -239,9 +241,9 @@ ec_GFp_simple_point2oct(const EC_GROUP * group, const EC_POINT * point, point_co
239 } 241 }
240 BN_CTX_start(ctx); 242 BN_CTX_start(ctx);
241 used_ctx = 1; 243 used_ctx = 1;
242 x = BN_CTX_get(ctx); 244 if ((x = BN_CTX_get(ctx)) == NULL)
243 y = BN_CTX_get(ctx); 245 goto err;
244 if (y == NULL) 246 if ((y = BN_CTX_get(ctx)) == NULL)
245 goto err; 247 goto err;
246 248
247 if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) 249 if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
@@ -348,9 +350,9 @@ ec_GFp_simple_oct2point(const EC_GROUP * group, EC_POINT * point,
348 return 0; 350 return 0;
349 } 351 }
350 BN_CTX_start(ctx); 352 BN_CTX_start(ctx);
351 x = BN_CTX_get(ctx); 353 if ((x = BN_CTX_get(ctx)) == NULL)
352 y = BN_CTX_get(ctx); 354 goto err;
353 if (y == NULL) 355 if ((y = BN_CTX_get(ctx)) == NULL)
354 goto err; 356 goto err;
355 357
356 if (!BN_bin2bn(buf + 1, field_len, x)) 358 if (!BN_bin2bn(buf + 1, field_len, x))
diff --git a/src/lib/libssl/src/crypto/ec/ecp_smpl.c b/src/lib/libssl/src/crypto/ec/ecp_smpl.c
index 7b3bb2364d..f6db4dc9b1 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_smpl.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_smpl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_smpl.c,v 1.14 2015/02/08 22:25:03 miod Exp $ */ 1/* $OpenBSD: ecp_smpl.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */
2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * for the OpenSSL project. 3 * for the OpenSSL project.
4 * Includes code written by Bodo Moeller for the OpenSSL project. 4 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -188,8 +188,7 @@ ec_GFp_simple_group_set_curve(EC_GROUP * group,
188 return 0; 188 return 0;
189 } 189 }
190 BN_CTX_start(ctx); 190 BN_CTX_start(ctx);
191 tmp_a = BN_CTX_get(ctx); 191 if ((tmp_a = BN_CTX_get(ctx)) == NULL)
192 if (tmp_a == NULL)
193 goto err; 192 goto err;
194 193
195 /* group->field */ 194 /* group->field */
@@ -294,12 +293,15 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx)
294 } 293 }
295 } 294 }
296 BN_CTX_start(ctx); 295 BN_CTX_start(ctx);
297 a = BN_CTX_get(ctx); 296 if ((a = BN_CTX_get(ctx)) == NULL)
298 b = BN_CTX_get(ctx); 297 goto err;
299 tmp_1 = BN_CTX_get(ctx); 298 if ((b = BN_CTX_get(ctx)) == NULL)
300 tmp_2 = BN_CTX_get(ctx); 299 goto err;
301 order = BN_CTX_get(ctx); 300 if ((tmp_1 = BN_CTX_get(ctx)) == NULL)
302 if (order == NULL) 301 goto err;
302 if ((tmp_2 = BN_CTX_get(ctx)) == NULL)
303 goto err;
304 if ((order = BN_CTX_get(ctx)) == NULL)
303 goto err; 305 goto err;
304 306
305 if (group->meth->field_decode) { 307 if (group->meth->field_decode) {
@@ -539,11 +541,13 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP * group, const EC_POIN
539 return 0; 541 return 0;
540 } 542 }
541 BN_CTX_start(ctx); 543 BN_CTX_start(ctx);
542 Z = BN_CTX_get(ctx); 544 if ((Z = BN_CTX_get(ctx)) == NULL)
543 Z_1 = BN_CTX_get(ctx); 545 goto err;
544 Z_2 = BN_CTX_get(ctx); 546 if ((Z_1 = BN_CTX_get(ctx)) == NULL)
545 Z_3 = BN_CTX_get(ctx); 547 goto err;
546 if (Z_3 == NULL) 548 if ((Z_2 = BN_CTX_get(ctx)) == NULL)
549 goto err;
550 if ((Z_3 = BN_CTX_get(ctx)) == NULL)
547 goto err; 551 goto err;
548 552
549 /* transform (X, Y, Z) into (x, y) := (X/Z^2, Y/Z^3) */ 553 /* transform (X, Y, Z) into (x, y) := (X/Z^2, Y/Z^3) */
@@ -652,14 +656,19 @@ ec_GFp_simple_add(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, cons
652 return 0; 656 return 0;
653 } 657 }
654 BN_CTX_start(ctx); 658 BN_CTX_start(ctx);
655 n0 = BN_CTX_get(ctx); 659 if ((n0 = BN_CTX_get(ctx)) == NULL)
656 n1 = BN_CTX_get(ctx); 660 goto end;
657 n2 = BN_CTX_get(ctx); 661 if ((n1 = BN_CTX_get(ctx)) == NULL)
658 n3 = BN_CTX_get(ctx); 662 goto end;
659 n4 = BN_CTX_get(ctx); 663 if ((n2 = BN_CTX_get(ctx)) == NULL)
660 n5 = BN_CTX_get(ctx); 664 goto end;
661 n6 = BN_CTX_get(ctx); 665 if ((n3 = BN_CTX_get(ctx)) == NULL)
662 if (n6 == NULL) 666 goto end;
667 if ((n4 = BN_CTX_get(ctx)) == NULL)
668 goto end;
669 if ((n5 = BN_CTX_get(ctx)) == NULL)
670 goto end;
671 if ((n6 = BN_CTX_get(ctx)) == NULL)
663 goto end; 672 goto end;
664 673
665 /* 674 /*
@@ -834,11 +843,13 @@ ec_GFp_simple_dbl(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, BN_C
834 return 0; 843 return 0;
835 } 844 }
836 BN_CTX_start(ctx); 845 BN_CTX_start(ctx);
837 n0 = BN_CTX_get(ctx); 846 if ((n0 = BN_CTX_get(ctx)) == NULL)
838 n1 = BN_CTX_get(ctx); 847 goto err;
839 n2 = BN_CTX_get(ctx); 848 if ((n1 = BN_CTX_get(ctx)) == NULL)
840 n3 = BN_CTX_get(ctx); 849 goto err;
841 if (n3 == NULL) 850 if ((n2 = BN_CTX_get(ctx)) == NULL)
851 goto err;
852 if ((n3 = BN_CTX_get(ctx)) == NULL)
842 goto err; 853 goto err;
843 854
844 /* 855 /*
@@ -990,11 +1001,13 @@ ec_GFp_simple_is_on_curve(const EC_GROUP * group, const EC_POINT * point, BN_CTX
990 return -1; 1001 return -1;
991 } 1002 }
992 BN_CTX_start(ctx); 1003 BN_CTX_start(ctx);
993 rh = BN_CTX_get(ctx); 1004 if ((rh = BN_CTX_get(ctx)) == NULL)
994 tmp = BN_CTX_get(ctx); 1005 goto err;
995 Z4 = BN_CTX_get(ctx); 1006 if ((tmp = BN_CTX_get(ctx)) == NULL)
996 Z6 = BN_CTX_get(ctx); 1007 goto err;
997 if (Z6 == NULL) 1008 if ((Z4 = BN_CTX_get(ctx)) == NULL)
1009 goto err;
1010 if ((Z6 = BN_CTX_get(ctx)) == NULL)
998 goto err; 1011 goto err;
999 1012
1000 /* 1013 /*
@@ -1101,11 +1114,13 @@ ec_GFp_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b
1101 return -1; 1114 return -1;
1102 } 1115 }
1103 BN_CTX_start(ctx); 1116 BN_CTX_start(ctx);
1104 tmp1 = BN_CTX_get(ctx); 1117 if ((tmp1 = BN_CTX_get(ctx)) == NULL)
1105 tmp2 = BN_CTX_get(ctx); 1118 goto end;
1106 Za23 = BN_CTX_get(ctx); 1119 if ((tmp2 = BN_CTX_get(ctx)) == NULL)
1107 Zb23 = BN_CTX_get(ctx); 1120 goto end;
1108 if (Zb23 == NULL) 1121 if ((Za23 = BN_CTX_get(ctx)) == NULL)
1122 goto end;
1123 if ((Zb23 = BN_CTX_get(ctx)) == NULL)
1109 goto end; 1124 goto end;
1110 1125
1111 /* 1126 /*
@@ -1184,9 +1199,9 @@ ec_GFp_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ctx
1184 return 0; 1199 return 0;
1185 } 1200 }
1186 BN_CTX_start(ctx); 1201 BN_CTX_start(ctx);
1187 x = BN_CTX_get(ctx); 1202 if ((x = BN_CTX_get(ctx)) == NULL)
1188 y = BN_CTX_get(ctx); 1203 goto err;
1189 if (y == NULL) 1204 if ((y = BN_CTX_get(ctx)) == NULL)
1190 goto err; 1205 goto err;
1191 1206
1192 if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) 1207 if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
@@ -1225,9 +1240,9 @@ ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT *
1225 return 0; 1240 return 0;
1226 } 1241 }
1227 BN_CTX_start(ctx); 1242 BN_CTX_start(ctx);
1228 tmp0 = BN_CTX_get(ctx); 1243 if ((tmp0 = BN_CTX_get(ctx)) == NULL)
1229 tmp1 = BN_CTX_get(ctx); 1244 goto err;
1230 if (tmp0 == NULL || tmp1 == NULL) 1245 if ((tmp1 = BN_CTX_get(ctx)) == NULL)
1231 goto err; 1246 goto err;
1232 1247
1233 /* 1248 /*
diff --git a/src/lib/libssl/src/crypto/ecdh/ech_ossl.c b/src/lib/libssl/src/crypto/ecdh/ech_ossl.c
index ee130edeee..4fae7cacfd 100644
--- a/src/lib/libssl/src/crypto/ecdh/ech_ossl.c
+++ b/src/lib/libssl/src/crypto/ecdh/ech_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_ossl.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */ 1/* $OpenBSD: ech_ossl.c,v 1.9 2015/02/09 15:49:22 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -120,8 +120,10 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
120 120
121 if ((ctx = BN_CTX_new()) == NULL) goto err; 121 if ((ctx = BN_CTX_new()) == NULL) goto err;
122 BN_CTX_start(ctx); 122 BN_CTX_start(ctx);
123 x = BN_CTX_get(ctx); 123 if ((x = BN_CTX_get(ctx)) == NULL)
124 y = BN_CTX_get(ctx); 124 goto err;
125 if ((y = BN_CTX_get(ctx)) == NULL)
126 goto err;
125 127
126 priv_key = EC_KEY_get0_private_key(ecdh); 128 priv_key = EC_KEY_get0_private_key(ecdh);
127 if (priv_key == NULL) 129 if (priv_key == NULL)
diff --git a/src/lib/libssl/src/crypto/engine/eng_rsax.c b/src/lib/libssl/src/crypto/engine/eng_rsax.c
index c33a776707..784b74a22f 100644
--- a/src/lib/libssl/src/crypto/engine/eng_rsax.c
+++ b/src/lib/libssl/src/crypto/engine/eng_rsax.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_rsax.c,v 1.12 2014/11/19 13:35:37 krw Exp $ */ 1/* $OpenBSD: eng_rsax.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (c) 2010-2010 Intel Corp. 2/* Copyright (c) 2010-2010 Intel Corp.
3 * Author: Vinodh.Gopal@intel.com 3 * Author: Vinodh.Gopal@intel.com
4 * Jim Guilford 4 * Jim Guilford
@@ -519,9 +519,12 @@ e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
519 int ret = 0; 519 int ret = 0;
520 520
521 BN_CTX_start(ctx); 521 BN_CTX_start(ctx);
522 r1 = BN_CTX_get(ctx); 522 if ((r1 = BN_CTX_get(ctx)) == NULL)
523 m1 = BN_CTX_get(ctx); 523 goto err;
524 vrfy = BN_CTX_get(ctx); 524 if ((m1 = BN_CTX_get(ctx)) == NULL)
525 goto err;
526 if ((vrfy = BN_CTX_get(ctx)) == NULL)
527 goto err;
525 528
526 { 529 {
527 BIGNUM local_p, local_q; 530 BIGNUM local_p, local_q;
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_crpt.c b/src/lib/libssl/src/crypto/rsa/rsa_crpt.c
index b057dd2201..cf7f9a328b 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_crpt.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_crpt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_crpt.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: rsa_crpt.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -145,10 +145,11 @@ rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q,
145 return NULL; 145 return NULL;
146 146
147 BN_CTX_start(ctx); 147 BN_CTX_start(ctx);
148 r0 = BN_CTX_get(ctx); 148 if ((r0 = BN_CTX_get(ctx)) == NULL)
149 r1 = BN_CTX_get(ctx); 149 goto err;
150 r2 = BN_CTX_get(ctx); 150 if ((r1 = BN_CTX_get(ctx)) == NULL)
151 if (r2 == NULL) 151 goto err;
152 if ((r2 = BN_CTX_get(ctx)) == NULL)
152 goto err; 153 goto err;
153 154
154 if (!BN_sub(r1, p, BN_value_one())) 155 if (!BN_sub(r1, p, BN_value_one()))
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eay.c b/src/lib/libssl/src/crypto/rsa/rsa_eay.c
index f8031c87a2..0eb18cf3c7 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_eay.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_eay.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_eay.c,v 1.36 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: rsa_eay.c,v 1.37 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -181,7 +181,7 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
181 ret = BN_CTX_get(ctx); 181 ret = BN_CTX_get(ctx);
182 num = BN_num_bytes(rsa->n); 182 num = BN_num_bytes(rsa->n);
183 buf = malloc(num); 183 buf = malloc(num);
184 if (!f || !ret || !buf) { 184 if (f == NULL || ret == NULL || buf == NULL) {
185 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE); 185 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE);
186 goto err; 186 goto err;
187 } 187 }
@@ -366,7 +366,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
366 ret = BN_CTX_get(ctx); 366 ret = BN_CTX_get(ctx);
367 num = BN_num_bytes(rsa->n); 367 num = BN_num_bytes(rsa->n);
368 buf = malloc(num); 368 buf = malloc(num);
369 if (!f || !ret || !buf) { 369 if (f == NULL || ret == NULL || buf == NULL) {
370 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE); 370 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE);
371 goto err; 371 goto err;
372 } 372 }
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_gen.c b/src/lib/libssl/src/crypto/rsa/rsa_gen.c
index a3b9da4856..f6f051c442 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_gen.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_gen.c,v 1.16 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: rsa_gen.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -99,11 +99,13 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
99 if (ctx == NULL) 99 if (ctx == NULL)
100 goto err; 100 goto err;
101 BN_CTX_start(ctx); 101 BN_CTX_start(ctx);
102 r0 = BN_CTX_get(ctx); 102 if ((r0 = BN_CTX_get(ctx)) == NULL)
103 r1 = BN_CTX_get(ctx); 103 goto err;
104 r2 = BN_CTX_get(ctx); 104 if ((r1 = BN_CTX_get(ctx)) == NULL)
105 r3 = BN_CTX_get(ctx); 105 goto err;
106 if (r3 == NULL) 106 if ((r2 = BN_CTX_get(ctx)) == NULL)
107 goto err;
108 if ((r3 = BN_CTX_get(ctx)) == NULL)
107 goto err; 109 goto err;
108 110
109 bitsp = (bits + 1) / 2; 111 bitsp = (bits + 1) / 2;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 11:50:22 +0000