1 files changed, 5 insertions, 1 deletions

diff --git a/lib/libcrypto/ecdh/ech_key.c b/lib/libcrypto/ecdh/ech_key.c
index 5c2dc70b632..6911f1e3419 100644
--- a/lib/libcrypto/ecdh/ech_key.c
+++ b/lib/libcrypto/ecdh/ech_key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ech_key.c,v 1.7 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ech_key.c,v 1.8 2018/09/02 17:20:31 tb Exp $ */
 /* ====================================================================
  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  *
@@ -125,6 +125,10 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
 	}
 
 	group = EC_KEY_get0_group(ecdh);
+
+	if (!EC_POINT_is_on_curve(group, pub_key, ctx))
+		goto err;
+
 	if ((tmp = EC_POINT_new(group)) == NULL) {
 		ECDHerror(ERR_R_MALLOC_FAILURE);
 		goto err;