From 0e28e8b910443b64c021ba44af8042b9ae325e5c Mon Sep 17 00:00:00 2001
From: tb <>
Date: Fri, 26 Dec 2025 18:45:42 +0000
Subject: Add compatibility check to EC_POINT_mul()

This is the only public API that doesn't check for compatibility between
group and point. Add the missing check.

ok jsing kenjiro
---
 src/lib/libcrypto/ec/ec_lib.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index c140249f0e..dc8800dff2 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.129 2025/12/26 18:44:19 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.130 2025/12/26 18:45:42 tb Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -1343,6 +1343,12 @@ EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
 		goto err;
 	}
 
+	if (!ec_group_and_point_compatible(group, r) ||
+	    (point != NULL && !ec_group_and_point_compatible(group, point))) {
+		ECerror(EC_R_INCOMPATIBLE_OBJECTS);
+		goto err;
+	}
+
 	if (g_scalar != NULL && point == NULL && p_scalar == NULL) {
 		/*
 		 * In this case we want to compute g_scalar * GeneratorPoint:
-- 
cgit v1.2.3-55-g6feb