From 7075b7f8c6c3cac36d8f6cfc4a1b697ce391c28e Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Thu, 27 Aug 2020 15:22:08 +0200
Subject: [PATCH] generate_key(): Check return code of BN_set_word()

Sponsored by: Robert Klemme
---
 openssl.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/openssl.c b/openssl.c
index 86911095..05cdf4b4 100644
--- a/openssl.c
+++ b/openssl.c
@@ -1405,7 +1405,12 @@ static int generate_key(struct client_state *csp, char **key_buf)
       goto exit;
    }
 
-   BN_set_word(exp, RSA_KEY_PUBLIC_EXPONENT);
+   if (BN_set_word(exp, RSA_KEY_PUBLIC_EXPONENT) != 1)
+   {
+      log_ssl_errors(LOG_LEVEL_ERROR, "Setting RSA key exponent failed");
+      ret = -1;
+      goto exit;
+   }
 
    key_file_path = make_certs_path(csp->config->certificate_directory,
       (char *)csp->http->hash_of_host_hex, KEY_FILE_TYPE);
-- 
2.39.2