Don't free garbage in ec_wNAF_mul() if wNAF could be allocated but

other allocations in the same block couldn't.

problem pointed out by David Ramos on the openssl-dev list
ok miod@ doug@

1 files changed, 11 insertions, 5 deletions

diff --git a/lib/libssl/src/crypto/ec/ec_mult.c b/lib/libssl/src/crypto/ec/ec_mult.c
index 4e49ce4f7b1..3dc17bc4091 100644
--- a/lib/libssl/src/crypto/ec/ec_mult.c
+++ b/lib/libssl/src/crypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_mult.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */
+/* $OpenBSD: ec_mult.c,v 1.15 2014/11/11 06:23:43 guenther Exp $ */
 /*
  * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
  */
@@ -425,17 +425,23 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
 	}
 	totalnum = num + numblocks;
 
-	wsize = reallocarray(NULL, totalnum, sizeof wsize[0]);
-	wNAF_len = reallocarray(NULL, totalnum, sizeof wNAF_len[0]);
 	/* includes space for pivot */
 	wNAF = reallocarray(NULL, (totalnum + 1), sizeof wNAF[0]);
+	if (wNAF == NULL) {
+		ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
+		goto err;
+	}
+
+	wNAF[0] = NULL;		/* preliminary pivot */
+
+	wsize = reallocarray(NULL, totalnum, sizeof wsize[0]);
+	wNAF_len = reallocarray(NULL, totalnum, sizeof wNAF_len[0]);
 	val_sub = reallocarray(NULL, totalnum, sizeof val_sub[0]);
 
-	if (!wsize || !wNAF_len || !wNAF || !val_sub) {
+	if (wsize == NULL || wNAF_len == NULL || val_sub == NULL) {
 		ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
 		goto err;
 	}
-	wNAF[0] = NULL;		/* preliminary pivot */
 
 	/* num_val will be the total number of temporarily precomputed points */
 	num_val = 0;