8 files changed, 165 insertions, 127 deletions
diff --git a/src/lib/libcrypto/ec/ec2_mult.c b/src/lib/libcrypto/ec/ec2_mult.c
index dd113907be..8f0091efe1 100644
--- a/src/lib/libcrypto/ec/ec2_mult.c
+++ b/src/lib/libcrypto/ec/ec2_mult.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec2_mult.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */
+/* $OpenBSD: ec2_mult.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */
 /* ====================================================================
 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
 *
@@ -91,8 +91,7 @@ gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx)
        /* Since Mdouble is static we can guarantee that ctx != NULL. */
        BN_CTX_start(ctx);
-        t1 = BN_CTX_get(ctx);
+        if ((t1 = BN_CTX_get(ctx)) == NULL)
-        if (t1 == NULL)
                goto err;
        if (!group->meth->field_sqr(group, x, x, ctx))
@@ -132,9 +131,9 @@ gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM *z1,
        /* Since Madd is static we can guarantee that ctx != NULL. */
        BN_CTX_start(ctx);
-        t1 = BN_CTX_get(ctx);
+        if ((t1 = BN_CTX_get(ctx)) == NULL)
-        t2 = BN_CTX_get(ctx);
+                goto err;
-        if (t2 == NULL)
+        if ((t2 = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (!BN_copy(t1, x))
@@ -191,10 +190,11 @@ gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIGNUM *x1,
        }
        /* Since Mxy is static we can guarantee that ctx != NULL. */
        BN_CTX_start(ctx);
-        t3 = BN_CTX_get(ctx);
+        if ((t3 = BN_CTX_get(ctx)) == NULL)
-        t4 = BN_CTX_get(ctx);
+                goto err;
-        t5 = BN_CTX_get(ctx);
+        if ((t4 = BN_CTX_get(ctx)) == NULL)
-        if (t5 == NULL)
+                goto err;
+        if ((t5 = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (!BN_one(t5))
@@ -281,9 +281,9 @@ ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
        /* Since point_multiply is static we can guarantee that ctx != NULL. */
        BN_CTX_start(ctx);
-        x1 = BN_CTX_get(ctx);
+        if ((x1 = BN_CTX_get(ctx)) == NULL)
-        z1 = BN_CTX_get(ctx);
+                goto err;
-        if (z1 == NULL)
+        if ((z1 = BN_CTX_get(ctx)) == NULL)
                goto err;
        x2 = &r->X;
diff --git a/src/lib/libcrypto/ec/ec2_oct.c b/src/lib/libcrypto/ec/ec2_oct.c
index c45d9c2219..72690b1bc7 100644
--- a/src/lib/libcrypto/ec/ec2_oct.c
+++ b/src/lib/libcrypto/ec/ec2_oct.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec2_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */
+/* $OpenBSD: ec2_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */
 /* ====================================================================
 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
 *
@@ -109,11 +109,13 @@ ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point
        y_bit = (y_bit != 0) ? 1 : 0;
        BN_CTX_start(ctx);
-        tmp = BN_CTX_get(ctx);
+        if ((tmp = BN_CTX_get(ctx)) == NULL)
-        x = BN_CTX_get(ctx);
+                goto err;
-        y = BN_CTX_get(ctx);
+        if ((x = BN_CTX_get(ctx)) == NULL)
-        z = BN_CTX_get(ctx);
+                goto err;
-        if (z == NULL)
+        if ((y = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((z = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (!BN_GF2m_mod_arr(x, x_, group->poly))
@@ -212,10 +214,11 @@ ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
                }
                BN_CTX_start(ctx);
                used_ctx = 1;
-                x = BN_CTX_get(ctx);
+                if ((x = BN_CTX_get(ctx)) == NULL)
-                y = BN_CTX_get(ctx);
+                        goto err;
-                yxi = BN_CTX_get(ctx);
+                if ((y = BN_CTX_get(ctx)) == NULL)
-                if (yxi == NULL)
+                        goto err;
+                if ((yxi = BN_CTX_get(ctx)) == NULL)
                        goto err;
                if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
@@ -329,10 +332,11 @@ ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
                        return 0;
        }
        BN_CTX_start(ctx);
-        x = BN_CTX_get(ctx);
+        if ((x = BN_CTX_get(ctx)) == NULL)
-        y = BN_CTX_get(ctx);
+                goto err;
-        yxi = BN_CTX_get(ctx);
+        if ((y = BN_CTX_get(ctx)) == NULL)
-        if (yxi == NULL)
+                goto err;
+        if ((yxi = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (!BN_bin2bn(buf + 1, field_len, x))
diff --git a/src/lib/libcrypto/ec/ec2_smpl.c b/src/lib/libcrypto/ec/ec2_smpl.c
index b9c066c5c1..43f0afd5ae 100644
--- a/src/lib/libcrypto/ec/ec2_smpl.c
+++ b/src/lib/libcrypto/ec/ec2_smpl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec2_smpl.c,v 1.13 2015/02/08 22:25:03 miod Exp $ */
+/* $OpenBSD: ec2_smpl.c,v 1.14 2015/02/09 15:49:22 jsing Exp $ */
 /* ====================================================================
 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
 *
@@ -291,8 +291,7 @@ ec_GF2m_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx)
                }
        }
        BN_CTX_start(ctx);
-        b = BN_CTX_get(ctx);
+        if ((b = BN_CTX_get(ctx)) == NULL)
-        if (b == NULL)
                goto err;
        if (!BN_GF2m_mod_arr(b, &group->b, group->poly))
@@ -464,15 +463,21 @@ ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
                        return 0;
        }
        BN_CTX_start(ctx);
-        x0 = BN_CTX_get(ctx);
+        if ((x0 = BN_CTX_get(ctx)) == NULL)
-        y0 = BN_CTX_get(ctx);
+                goto err;
-        x1 = BN_CTX_get(ctx);
+        if ((y0 = BN_CTX_get(ctx)) == NULL)
-        y1 = BN_CTX_get(ctx);
+                goto err;
-        x2 = BN_CTX_get(ctx);
+        if ((x1 = BN_CTX_get(ctx)) == NULL)
-        y2 = BN_CTX_get(ctx);
+                goto err;
-        s = BN_CTX_get(ctx);
+        if ((y1 = BN_CTX_get(ctx)) == NULL)
-        t = BN_CTX_get(ctx);
+                goto err;
-        if (t == NULL)
+        if ((x2 = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((y2 = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((s = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((t = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (a->Z_is_one) {
@@ -611,9 +616,9 @@ ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX
                        return -1;
        }
        BN_CTX_start(ctx);
-        y2 = BN_CTX_get(ctx);
+        if ((y2 = BN_CTX_get(ctx)) == NULL)
-        lh = BN_CTX_get(ctx);
+                goto err;
-        if (lh == NULL)
+        if ((lh = BN_CTX_get(ctx)) == NULL)
                goto err;
        /*
@@ -651,7 +656,8 @@ err:
 *   1   not equal
 */
 int 
-ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b, BN_CTX * ctx)
+ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
+    const EC_POINT *b, BN_CTX *ctx)
 {
        BIGNUM *aX, *aY, *bX, *bY;
        BN_CTX *new_ctx = NULL;
@@ -672,11 +678,13 @@ ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT *
                        return -1;
        }
        BN_CTX_start(ctx);
-        aX = BN_CTX_get(ctx);
+        if ((aX = BN_CTX_get(ctx)) == NULL)
-        aY = BN_CTX_get(ctx);
+                goto err;
-        bX = BN_CTX_get(ctx);
+        if ((aY = BN_CTX_get(ctx)) == NULL)
-        bY = BN_CTX_get(ctx);
+                goto err;
-        if (bY == NULL)
+        if ((bX = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((bY = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx))
@@ -710,9 +718,9 @@ ec_GF2m_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ct
                        return 0;
        }
        BN_CTX_start(ctx);
-        x = BN_CTX_get(ctx);
+        if ((x = BN_CTX_get(ctx)) == NULL)
-        y = BN_CTX_get(ctx);
+                goto err;
-        if (y == NULL)
+        if ((y = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
diff --git a/src/lib/libcrypto/ec/ec_key.c b/src/lib/libcrypto/ec/ec_key.c
index f9904b4ee9..45192c3231 100644
--- a/src/lib/libcrypto/ec/ec_key.c
+++ b/src/lib/libcrypto/ec/ec_key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_key.c,v 1.10 2015/02/08 22:25:03 miod Exp $ */
+/* $OpenBSD: ec_key.c,v 1.11 2015/02/09 15:49:22 jsing Exp $ */
 /*
 * Written by Nils Larsch for the OpenSSL project.
 */
@@ -359,8 +359,11 @@ EC_KEY_set_public_key_affine_coordinates(EC_KEY * key, BIGNUM * x, BIGNUM * y)
        if (tmp_nid == NID_X9_62_characteristic_two_field)
                is_char_two = 1;
-        tx = BN_CTX_get(ctx);
+        if ((tx = BN_CTX_get(ctx)) == NULL)
-        ty = BN_CTX_get(ctx);
+                goto err;
+        if ((ty = BN_CTX_get(ctx)) == NULL)
+                goto err;
 #ifndef OPENSSL_NO_EC2M
        if (is_char_two) {
                if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point,
diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index 47ccc614d1..8cf0f2241e 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.16 2015/02/09 15:49:22 jsing Exp $ */
 /*
 * Originally written by Bodo Moeller for the OpenSSL project.
 */
@@ -497,18 +497,19 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx)
                return -1;
        BN_CTX_start(ctx);
-        a1 = BN_CTX_get(ctx);
+        if ((a1 = BN_CTX_get(ctx)) == NULL)
-        a2 = BN_CTX_get(ctx);
+                goto err;
-        a3 = BN_CTX_get(ctx);
+        if ((a2 = BN_CTX_get(ctx)) == NULL)
-        b1 = BN_CTX_get(ctx);
+                goto err;
-        b2 = BN_CTX_get(ctx);
+        if ((a3 = BN_CTX_get(ctx)) == NULL)
-        b3 = BN_CTX_get(ctx);
+                goto err;
-        if (!b3) {
+        if ((b1 = BN_CTX_get(ctx)) == NULL)
-                BN_CTX_end(ctx);
+                goto err;
-                if (ctx_new)
+        if ((b2 = BN_CTX_get(ctx)) == NULL)
-                        BN_CTX_free(ctx);
+                goto err;
-                return -1;
+        if ((b3 = BN_CTX_get(ctx)) == NULL)
-        }
+                goto err;
        /*
         * XXX This approach assumes that the external representation of
         * curves over the same field type is the same.
@@ -544,6 +545,12 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx)
                BN_CTX_free(ctx);
        return r;
+err:
+        BN_CTX_end(ctx);
+        if (ctx_new)
+                BN_CTX_free(ctx);
+        return -1;
 }
diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c
index 9e3aee13a2..e711413598 100644
--- a/src/lib/libcrypto/ec/ec_mult.c
+++ b/src/lib/libcrypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_mult.c,v 1.16 2015/02/07 13:19:15 doug Exp $ */
+/* $OpenBSD: ec_mult.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */
 /*
 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
 */
@@ -753,8 +753,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
                        goto err;
        }
        BN_CTX_start(ctx);
-        order = BN_CTX_get(ctx);
+        if ((order = BN_CTX_get(ctx)) == NULL)
-        if (order == NULL)
                goto err;
        if (!EC_GROUP_get_order(group, order, ctx))
diff --git a/src/lib/libcrypto/ec/ecp_oct.c b/src/lib/libcrypto/ec/ecp_oct.c
index abc31e6382..994f0b08b1 100644
--- a/src/lib/libcrypto/ec/ecp_oct.c
+++ b/src/lib/libcrypto/ec/ecp_oct.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */
+/* $OpenBSD: ecp_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */
 /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
 * for the OpenSSL project.
 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -67,8 +67,8 @@
 #include "ec_lcl.h"
 int 
-ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * point,
+ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group,
-    const BIGNUM * x_, int y_bit, BN_CTX * ctx)
+    EC_POINT * point, const BIGNUM * x_, int y_bit, BN_CTX * ctx)
 {
        BN_CTX *new_ctx = NULL;
        BIGNUM *tmp1, *tmp2, *x, *y;
@@ -85,11 +85,13 @@ ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * poin
        y_bit = (y_bit != 0);
        BN_CTX_start(ctx);
-        tmp1 = BN_CTX_get(ctx);
+        if ((tmp1 = BN_CTX_get(ctx)) == NULL)
-        tmp2 = BN_CTX_get(ctx);
+                goto err;
-        x = BN_CTX_get(ctx);
+        if ((tmp2 = BN_CTX_get(ctx)) == NULL)
-        y = BN_CTX_get(ctx);
+                goto err;
-        if (y == NULL)
+        if ((x = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((y = BN_CTX_get(ctx)) == NULL)
                goto err;
        /*
@@ -239,9 +241,9 @@ ec_GFp_simple_point2oct(const EC_GROUP * group, const EC_POINT * point, point_co
                }
                BN_CTX_start(ctx);
                used_ctx = 1;
-                x = BN_CTX_get(ctx);
+                if ((x = BN_CTX_get(ctx)) == NULL)
-                y = BN_CTX_get(ctx);
+                        goto err;
-                if (y == NULL)
+                if ((y = BN_CTX_get(ctx)) == NULL)
                        goto err;
                if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
@@ -348,9 +350,9 @@ ec_GFp_simple_oct2point(const EC_GROUP * group, EC_POINT * point,
                        return 0;
        }
        BN_CTX_start(ctx);
-        x = BN_CTX_get(ctx);
+        if ((x = BN_CTX_get(ctx)) == NULL)
-        y = BN_CTX_get(ctx);
+                goto err;
-        if (y == NULL)
+        if ((y = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (!BN_bin2bn(buf + 1, field_len, x))
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c
index 7b3bb2364d..f6db4dc9b1 100644
--- a/src/lib/libcrypto/ec/ecp_smpl.c
+++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_smpl.c,v 1.14 2015/02/08 22:25:03 miod Exp $ */
+/* $OpenBSD: ecp_smpl.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */
 /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
 * for the OpenSSL project.
 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -188,8 +188,7 @@ ec_GFp_simple_group_set_curve(EC_GROUP * group,
                        return 0;
        }
        BN_CTX_start(ctx);
-        tmp_a = BN_CTX_get(ctx);
+        if ((tmp_a = BN_CTX_get(ctx)) == NULL)
-        if (tmp_a == NULL)
                goto err;
        /* group->field */
@@ -294,12 +293,15 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx)
                }
        }
        BN_CTX_start(ctx);
-        a = BN_CTX_get(ctx);
+        if ((a = BN_CTX_get(ctx)) == NULL)
-        b = BN_CTX_get(ctx);
+                goto err;
-        tmp_1 = BN_CTX_get(ctx);
+        if ((b = BN_CTX_get(ctx)) == NULL)
-        tmp_2 = BN_CTX_get(ctx);
+                goto err;
-        order = BN_CTX_get(ctx);
+        if ((tmp_1 = BN_CTX_get(ctx)) == NULL)
-        if (order == NULL)
+                goto err;
+        if ((tmp_2 = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((order = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (group->meth->field_decode) {
@@ -539,11 +541,13 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP * group, const EC_POIN
                        return 0;
        }
        BN_CTX_start(ctx);
-        Z = BN_CTX_get(ctx);
+        if ((Z = BN_CTX_get(ctx)) == NULL)
-        Z_1 = BN_CTX_get(ctx);
+                goto err;
-        Z_2 = BN_CTX_get(ctx);
+        if ((Z_1 = BN_CTX_get(ctx)) == NULL)
-        Z_3 = BN_CTX_get(ctx);
+                goto err;
-        if (Z_3 == NULL)
+        if ((Z_2 = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((Z_3 = BN_CTX_get(ctx)) == NULL)
                goto err;
        /* transform  (X, Y, Z)  into  (x, y) := (X/Z^2, Y/Z^3) */
@@ -652,14 +656,19 @@ ec_GFp_simple_add(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, cons
                        return 0;
        }
        BN_CTX_start(ctx);
-        n0 = BN_CTX_get(ctx);
+        if ((n0 = BN_CTX_get(ctx)) == NULL)
-        n1 = BN_CTX_get(ctx);
+                goto end;
-        n2 = BN_CTX_get(ctx);
+        if ((n1 = BN_CTX_get(ctx)) == NULL)
-        n3 = BN_CTX_get(ctx);
+                goto end;
-        n4 = BN_CTX_get(ctx);
+        if ((n2 = BN_CTX_get(ctx)) == NULL)
-        n5 = BN_CTX_get(ctx);
+                goto end;
-        n6 = BN_CTX_get(ctx);
+        if ((n3 = BN_CTX_get(ctx)) == NULL)
-        if (n6 == NULL)
+                goto end;
+        if ((n4 = BN_CTX_get(ctx)) == NULL)
+                goto end;
+        if ((n5 = BN_CTX_get(ctx)) == NULL)
+                goto end;
+        if ((n6 = BN_CTX_get(ctx)) == NULL)
                goto end;
        /*
@@ -834,11 +843,13 @@ ec_GFp_simple_dbl(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, BN_C
                        return 0;
        }
        BN_CTX_start(ctx);
-        n0 = BN_CTX_get(ctx);
+        if ((n0 = BN_CTX_get(ctx)) == NULL)
-        n1 = BN_CTX_get(ctx);
+                goto err;
-        n2 = BN_CTX_get(ctx);
+        if ((n1 = BN_CTX_get(ctx)) == NULL)
-        n3 = BN_CTX_get(ctx);
+                goto err;
-        if (n3 == NULL)
+        if ((n2 = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((n3 = BN_CTX_get(ctx)) == NULL)
                goto err;
        /*
@@ -990,11 +1001,13 @@ ec_GFp_simple_is_on_curve(const EC_GROUP * group, const EC_POINT * point, BN_CTX
                        return -1;
        }
        BN_CTX_start(ctx);
-        rh = BN_CTX_get(ctx);
+        if ((rh = BN_CTX_get(ctx)) == NULL)
-        tmp = BN_CTX_get(ctx);
+                goto err;
-        Z4 = BN_CTX_get(ctx);
+        if ((tmp = BN_CTX_get(ctx)) == NULL)
-        Z6 = BN_CTX_get(ctx);
+                goto err;
-        if (Z6 == NULL)
+        if ((Z4 = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((Z6 = BN_CTX_get(ctx)) == NULL)
                goto err;
        /*
@@ -1101,11 +1114,13 @@ ec_GFp_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b
                        return -1;
        }
        BN_CTX_start(ctx);
-        tmp1 = BN_CTX_get(ctx);
+        if ((tmp1 = BN_CTX_get(ctx)) == NULL)
-        tmp2 = BN_CTX_get(ctx);
+                goto end;
-        Za23 = BN_CTX_get(ctx);
+        if ((tmp2 = BN_CTX_get(ctx)) == NULL)
-        Zb23 = BN_CTX_get(ctx);
+                goto end;
-        if (Zb23 == NULL)
+        if ((Za23 = BN_CTX_get(ctx)) == NULL)
+                goto end;
+        if ((Zb23 = BN_CTX_get(ctx)) == NULL)
                goto end;
        /*
@@ -1184,9 +1199,9 @@ ec_GFp_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ctx
                        return 0;
        }
        BN_CTX_start(ctx);
-        x = BN_CTX_get(ctx);
+        if ((x = BN_CTX_get(ctx)) == NULL)
-        y = BN_CTX_get(ctx);
+                goto err;
-        if (y == NULL)
+        if ((y = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
@@ -1225,9 +1240,9 @@ ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT *
                        return 0;
        }
        BN_CTX_start(ctx);
-        tmp0 = BN_CTX_get(ctx);
+        if ((tmp0 = BN_CTX_get(ctx)) == NULL)
-        tmp1 = BN_CTX_get(ctx);
+                goto err;
-        if (tmp0 == NULL || tmp1 == NULL)
+        if ((tmp1 = BN_CTX_get(ctx)) == NULL)
                goto err;
        /*