Commit a226dc3520 for openssl.org

commit a226dc352037f98d579c506b2815f9191324af27
Author: Carlo Deutschmann <deutschmanncarlo@gmail.com>
Date:   Fri Jun 19 10:30:31 2026 +0200

    Avoid NULL dereference if RSA_PSS_PARAMS_dup() fails in ossl_rsa_dup()

    RSA_PSS_PARAMS_dup() can return NULL on failure (e.g. memory
    allocation failure). The subsequent code dereferenced dupkey->pss
    unconditionally when checking dupkey->pss->maskGenAlgorithm, which
    would result in a NULL pointer dereference.

    Check the return value and jump to the error handling instead, which
    properly frees the partially constructed key.

    Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
    Reviewed-by: Daniel Kubec <kubec@openssl.foundation>
    Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
    MergeDate: Tue Jun 23 16:32:24 2026
    (Merged from https://github.com/openssl/openssl/pull/31619)

diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c
index 00b4880c80..efacdcf9fe 100644
--- a/crypto/rsa/rsa_backend.c
+++ b/crypto/rsa/rsa_backend.c
@@ -532,7 +532,8 @@ RSA *ossl_rsa_dup(const RSA *rsa, int selection)
     }

     if (rsa->pss != NULL) {
-        dupkey->pss = RSA_PSS_PARAMS_dup(rsa->pss);
+        if ((dupkey->pss = RSA_PSS_PARAMS_dup(rsa->pss)) == NULL)
+            goto err;
         if (rsa->pss->maskGenAlgorithm != NULL
             && dupkey->pss->maskGenAlgorithm == NULL) {
             dupkey->pss->maskHash = ossl_x509_algor_mgf1_decode(rsa->pss->maskGenAlgorithm);
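
Review bot: On the last context line of this hunk, the result of `ossl_x509_algor_mgf1_decode(rsa->pss->maskGenAlgorithm)` is stored in `dupkey->pss->maskHash`, and the hunk ends before showing whether that result is checked. That call sits on the same kind of failure path as the one fixed here, so please confirm it is followed by a NULL check that also takes `goto err`, or add one in this change so that a failed decode does not leave a duplicated key with `maskGenAlgorithm` set on the source but no `maskHash` on the copy. The diff touches only crypto/rsa/rsa_backend.c; a test that forces `RSA_PSS_PARAMS_dup()` to fail inside `ossl_rsa_dup()` would keep the new `goto err` branch covered.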