From 60538e018b82e5ac78f257deab395439fdd9f04d Mon Sep 17 00:00:00 2001
From: Shawn C <citypw@hardenedlinux.org>
Date: Thu, 19 Sep 2024 17:14:09 +0000
Subject: [PATCH] Fix NULL ptr dereference on EC_POINT *point

Use non-usual params of pkcs11 module will trigger a null ptr deref bug. Fix it for #25493

CLA: trivial
---
 crypto/ec/ec_asn1.c | 2 +-
 crypto/ec/ec_oct.c  | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index b32697fb85722..643d2d8d7b824 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -1156,7 +1156,7 @@ int i2o_ECPublicKey(const EC_KEY *a, unsigned char **out)
     size_t buf_len = 0;
     int new_buffer = 0;
 
-    if (a == NULL) {
+    if (a == NULL || a->pub_key == NULL) {
         ERR_raise(ERR_LIB_EC, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
diff --git a/crypto/ec/ec_oct.c b/crypto/ec/ec_oct.c
index 0ad3394c8270f..886e5fd310f45 100644
--- a/crypto/ec/ec_oct.c
+++ b/crypto/ec/ec_oct.c
@@ -74,6 +74,10 @@ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point,
                           point_conversion_form_t form, unsigned char *buf,
                           size_t len, BN_CTX *ctx)
 {
+    if (point == NULL) {
+        ERR_raise(ERR_LIB_EC, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
     if (group->meth->point2oct == 0
         && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
         ERR_raise(ERR_LIB_EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);