From 7cf6085b00e194877b88b72d710d1aea6cb03e20 Mon Sep 17 00:00:00 2001
From: Brian Smith <brian@briansmith.org>
Date: Sat, 19 Mar 2016 22:39:37 -1000
Subject: [PATCH] Check for |BN_CTX_new| failure in |mod_exp|.

As far as I can tell, this is the last place within libcrypto where
this type of check is missing.

Change-Id: I3d09676abab8c9f6c4e87214019a382ec2ba90ee
Reviewed-on: https://boringssl-review.googlesource.com/7519
Reviewed-by: David Benjamin <davidben@google.com>
---
 crypto/rsa/rsa_impl.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/crypto/rsa/rsa_impl.c b/crypto/rsa/rsa_impl.c
index 8dd59dc4..d98ca0da 100644
--- a/crypto/rsa/rsa_impl.c
+++ b/crypto/rsa/rsa_impl.c
@@ -636,6 +636,11 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) {
   r1 = BN_CTX_get(ctx);
   m1 = BN_CTX_get(ctx);
   vrfy = BN_CTX_get(ctx);
+  if (r1 == NULL ||
+      m1 == NULL ||
+      vrfy == NULL) {
+    goto err;
+  }
 
   {
     BIGNUM local_p, local_q;