From 18ad1090a5613dfdd3acf4bc63e130d5bc8f058b Mon Sep 17 00:00:00 2001 From: tb Date: Fri, 6 May 2022 10:10:10 +0000 Subject: [PATCH] Also check EVP_PKEY_CTX_new_id() return in example code. Letting this be caught by the error check of EVP_PKEY_derive_init() is a dubious pattern. --- lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3 b/lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3 index 36e34f3c27d..559c68bd6ee 100644 --- a/lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3 +++ b/lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_PKEY_CTX_set_hkdf_md.3,v 1.1 2022/05/06 07:36:54 tb Exp $ +.\" $OpenBSD: EVP_PKEY_CTX_set_hkdf_md.3,v 1.2 2022/05/06 10:10:10 tb Exp $ .\" full merge up to: OpenSSL 1cb7eff4 Sep 10 13:56:40 2019 +0100 .\" .\" This file was written by Alessandro Ghedini , @@ -217,7 +217,9 @@ This example derives 10 bytes using SHA-256 with the secret key EVP_PKEY_CTX *pctx; unsigned char out[10]; size_t outlen = sizeof(out); -pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); + +if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)) == NULL) + /* Error */ if (EVP_PKEY_derive_init(pctx) <= 0) /* Error */ -- 2.20.1