From 12f902796d4adde1dfdbda9b23578049a2e530ee Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Mon, 26 Sep 2022 12:06:44 +1000
Subject: [PATCH] Check BN_dup results in rsa_check

Conflict: NA
Reference: https://gitlab.isc.org/isc-projects/bind9/-/commit/12f902796d4adde1dfdbda9b23578049a2e530ee
(cherry picked from commit a47235f4f5af0286aadd43eeccf946a8f35a5dc8)
---
 lib/dns/opensslrsa_link.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c
index 9bee2f0449..45570dac98 100644
--- a/lib/dns/opensslrsa_link.c
+++ b/lib/dns/opensslrsa_link.c
@@ -849,6 +849,9 @@ rsa_check(RSA *rsa, RSA *pub) {
 			}
 		} else {
 			n = BN_dup(n2);
+			if (n == NULL) {
+				return (ISC_R_NOMEMORY);
+			}
 		}
 		if (e1 != NULL) {
 			if (BN_cmp(e1, e2) != 0) {
@@ -859,6 +862,12 @@ rsa_check(RSA *rsa, RSA *pub) {
 			}
 		} else {
 			e = BN_dup(e2);
+			if (e == NULL) {
+				if (n != NULL) {
+					BN_free(n);
+				}
+				return (ISC_R_NOMEMORY);
+			}
 		}
 		if (RSA_set0_key(rsa, n, e, NULL) == 0) {
 			if (n != NULL) {
-- 
2.23.0