[openssl-dev] [openssl.org #4402] [PATCH] Missing Sanity Check for BN_new in 'apps/prime.c' for OpenSSL-1.1 pre4

Bill Parker via RT rt at openssl.org
Wed Mar 9 18:03:09 UTC 2016

Hello All,

In reviewing code in directory 'apps', file 'prime.c', there is a
call to BN_new() which is not checked for a return value of NULL,
indicating failure.  The patch file below should address/correct this

--- prime.c.orig        2016-03-08 16:13:24.841500061 -0800
+++ prime.c     2016-03-08 16:15:33.587863062 -0800
@@ -122,6 +122,10 @@
             goto end;
         bn = BN_new();
+       if (bn == NULL) {
+           BIO_printf(bio_err, "Out of memory\n");
+           goto end;
+       }
         BN_generate_prime_ex(bn, bits, safe, NULL, NULL, NULL);
         s = hex ? BN_bn2hex(bn) : BN_bn2dec(bn);
         BIO_printf(bio_out, "%s\n", s);


Bill Parker (wp02855 at gmail dot com)

Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4402
Please log in as guest with password guest if prompted

-------------- next part --------------
A non-text attachment was scrubbed...
Name: prime.c.patch
Type: application/octet-stream
Size: 422 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160309/874e9abb/attachment-0001.obj>

More information about the openssl-dev mailing list