external/boringssl: cherry-pick crash fix

This change cherry-picks the following change from upstream:

commit 61dedd681501616de5928fe5c0eac6640d4de0c1
Author: Adam Langley <alangley@gmail.com>
Date:   Wed Feb 7 14:59:44 2018 -0800

    Don't crash when failing to set affine coordinates when the generator is missing.

    If a caller is in the process on constructing an arbitrary |EC_GROUP|,
    and they try to create an |EC_POINT| to set as the generator which is
    invalid, we would previously crash.

Test: cts -m CtsLibcoreTestCases -t com.android.org.conscrypt
Change-Id: I6183e5d103636c01ca1cb3659d9e62c4dd63458b
Merged-In: Id05fd03176db2282aecdf58311d6224ff5f8d89d

1 files changed, 7 insertions, 1 deletions

diff --git a/src/crypto/fipsmodule/ec/ec.c b/src/crypto/fipsmodule/ec/ec.c
index 616df162..e45a7e34 100644
--- a/src/crypto/fipsmodule/ec/ec.c
+++ b/src/crypto/fipsmodule/ec/ec.c
@@ -768,7 +768,13 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
   if (!EC_POINT_is_on_curve(group, point, ctx)) {
     // In the event of an error, defend against the caller not checking the
     // return value by setting a known safe value: the base point.
-    EC_POINT_copy(point, EC_GROUP_get0_generator(group));
+    const EC_POINT *generator = EC_GROUP_get0_generator(group);
+    // The generator can be missing if the caller is in the process of
+    // constructing an arbitrary group. In this, we give up and hope they're
+    // checking the return value.
+    if (generator) {
+      EC_POINT_copy(point, generator);
+    }
     OPENSSL_PUT_ERROR(EC, EC_R_POINT_IS_NOT_ON_CURVE);
     return 0;
   }