Better checking for BN_CTX_get

src/common/cosigner/mta.cpp

@@ -818,6 +818,11 @@ void response_verifier::process_paillier(const BIGNUM* e, const BIGNUM* request,
     BIGNUM* B = BN_CTX_get(_ctx.get());
     BIGNUM* gamma = BN_CTX_get(_ctx.get());
 
+    if (!tmp1 || !tmp2 || !B || !gamma)
+    {
+        throw cosigner_exception(cosigner_exception::NO_MEM);
+    }
+
     if (is_coprime_fast(response, _my_paillier->pub.n, _ctx.get()) != 1)
     {
         LOG_ERROR("response is not a valid ciphertext");
@@ -953,6 +958,12 @@ void response_verifier::process_ring_pedersen(const BIGNUM* e, const mta_range_z
     BIGNUM* tmp1 = BN_CTX_get(_ctx.get());
     BIGNUM* tmp2 = BN_CTX_get(_ctx.get());
     uint8_t gamma[2 * sizeof(uint64_t)];
+
+    if (!tmp1 || !tmp2)
+    {
+        throw cosigner_exception(cosigner_exception::NO_MEM);
+    }
+
     if (!RAND_bytes(gamma, 2 * sizeof(uint64_t)))
     {
         LOG_ERROR("Failed to get random number, error %lu", ERR_get_error());

src/common/crypto/GFp_curve_algebra/GFp_curve_algebra.c

@@ -344,10 +344,10 @@ elliptic_curve_algebra_status GFp_curve_algebra_verify_linear_combination(const
     }
 
     zero = BN_CTX_get(bn_ctx);
-    BN_zero(zero);
     tmp = EC_POINT_new(ctx->curve);
     if (!zero || !tmp)
         goto cleanup;
+    BN_zero(zero);
     if (!EC_POINTs_mul(ctx->curve, tmp, zero, points_count, (const EC_POINT**)points, (const BIGNUM**)coeff, bn_ctx))
     {
         status = ELLIPTIC_CURVE_ALGEBRA_UNKNOWN_ERROR;

src/common/crypto/commitments/ring_pedersen.c

@@ -816,10 +816,11 @@ ring_pedersen_status ring_pedersen_verify_batch_commitments_internal(const ring_
     B = BN_CTX_get(ctx);
     tmp1 = BN_CTX_get(ctx);
     tmp2 = BN_CTX_get(ctx);
-    BN_one(B);
 
     if (!t_exp || !B || !tmp1 || !tmp2)
         goto cleanup;
+
+    BN_one(B);
 
     ring_pedersen_init_mont(&priv->pub, ctx);
     status = RING_PEDERSEN_UNKNOWN_ERROR;