BN_one() can fail, check its return value.

ok tb@

diff --git a/lib/libcrypto/bn/bn_gcd.c b/lib/libcrypto/bn/bn_gcd.c
index 4661b35..f3a2370 100644 (file)
--- a/lib/libcrypto/bn/bn_gcd.c
+++ b/lib/libcrypto/bn/bn_gcd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_gcd.c,v 1.18 2022/11/26 16:08:51 tb Exp $ */
+/* $OpenBSD: bn_gcd.c,v 1.19 2022/12/01 02:58:31 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -277,7 +277,8 @@ BN_mod_inverse_internal(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ct
        if (R == NULL)
                goto err;
 
-       BN_one(X);
+       if (!BN_one(X))
+               goto err;
        BN_zero(Y);
        if (BN_copy(B, a) == NULL)
                goto err;
@@ -591,7 +592,8 @@ BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n,
        if (R == NULL)
                goto err;
 
-       BN_one(X);
+       if (!BN_one(X))
+               goto err;
        BN_zero(Y);
        if (BN_copy(B, a) == NULL)
                goto err;
@@ -755,7 +757,8 @@ BN_gcd_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n,
        if ((T = BN_CTX_get(ctx)) == NULL)
                goto err;
 
-       BN_one(X);
+       if (!BN_one(X))
+               goto err;
        BN_zero(Y);
        if (BN_copy(B, a) == NULL)
                goto err;

diff --git a/lib/libcrypto/gost/gostr341001.c b/lib/libcrypto/gost/gostr341001.c
index 13f053d..79fddb1 100644 (file)
--- a/lib/libcrypto/gost/gostr341001.c
+++ b/lib/libcrypto/gost/gostr341001.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gostr341001.c,v 1.10 2022/11/26 16:08:53 tb Exp $ */
+/* $OpenBSD: gostr341001.c,v 1.11 2022/12/01 02:58:31 jsing Exp $ */
 /*
  * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
  * Copyright (c) 2005-2006 Cryptocom LTD
@@ -178,8 +178,10 @@ gost2001_do_sign(BIGNUM *md, GOST_KEY *eckey)
                goto err;
        if (BN_mod_ct(e, md, order, ctx) == 0)
                goto err;
-       if (BN_is_zero(e))
-               BN_one(e);
+       if (BN_is_zero(e)) {
+               if (!BN_one(e))
+                       goto err;
+       }
        if ((k = BN_CTX_get(ctx)) == NULL)
                goto err;
        if ((X = BN_CTX_get(ctx)) == NULL)
@@ -289,8 +291,10 @@ gost2001_do_verify(BIGNUM *md, ECDSA_SIG *sig, GOST_KEY *ec)
 
        if (BN_mod_ct(e, md, order, ctx) == 0)
                goto err;
-       if (BN_is_zero(e))
-               BN_one(e);
+       if (BN_is_zero(e)) {
+               if (!BN_one(e))
+                       goto err;
+       }
        if ((v = BN_mod_inverse_ct(v, e, order, ctx)) == NULL)
                goto err;
        if (BN_mod_mul(z1, sig->s, v, order, ctx) == 0)