From e8c19f02f4b0497ce5d3eca5d72b3cdaeaff9f09 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Mon, 24 Mar 2025 12:49:13 +0000
Subject: Check group generator in EC_POINT_mul().

When a non-NULL generator scalar is passed to EC_POINT_mul(), the group's
generator will be used in multiplication. Add a check that ensures that the
group generator is non-NULL, in order to avoid needing to handle this
elsewhere (currently in the lower level point multiplication code).

ok tb@
---
 src/lib/libcrypto/ec/ec_lib.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index 315a8130cf..598038de1d 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.121 2025/03/09 15:42:19 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.122 2025/03/24 12:49:13 jsing Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -1319,6 +1319,11 @@ EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
 		goto err;
 	}
 
+	if (g_scalar != NULL && group->generator == NULL) {
+		ECerror(EC_R_UNDEFINED_GENERATOR);
+		goto err;
+	}
+
 	if (g_scalar != NULL && point == NULL && p_scalar == NULL) {
 		/*
 		 * In this case we want to compute g_scalar * GeneratorPoint:
-- 
cgit v1.2.3-55-g6feb