File openssl-0004-BN_BLINDING_update.patch of Package openssl-3

Description: Fix CWE-476 (NULL Pointer Dereference) in BN_BLINDING_update
Issue: The pointer 'b' is dereferenced at the start of the function (checking b->A), but essentially admitted to be potentially NULL by a subsequent call to BN_BLINDING_create_param(b, ...) which checks for b==NULL.

diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c
index 1234567..89abcde 100644
--- a/crypto/bn/bn_blind.c
+++ b/crypto/bn/bn_blind.c
@@ -92,6 +92,8 @@ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
 {
     int ret = 0;
 
+    if (b == NULL)
+        return 0;
     if ((b->A == NULL) || (b->Ai == NULL)) {
         ERR_raise(ERR_LIB_BN, BN_R_NOT_INITIALIZED);
         goto err;