crypto: Fix potential null pointer dereference when BIO_meth_new() fails

This function can return null, which will make the calls to
BIO_meth_set_* trigger a null deref.
Even after fixing this, there is an issue with the
`BIOPointer::New(GetMethod())` call in `NodeBIO::New` because the
`New` method cannot handle a null pointer despite other code already
guarding for this
(e.g. the `NodeBIO::New` function already checks `bio`).
This patch solves the issues by adding more null checks.

Author: ndossche

deps/ncrypto/ncrypto.cc

@@ -1470,6 +1470,7 @@ BIOPointer BIOPointer::NewSecMem() {
 }
 
 BIOPointer BIOPointer::New(const BIO_METHOD* method) {
+  if (method == nullptr) return {};
   return BIOPointer(BIO_new(method));
 }
 

src/crypto/crypto_bio.cc

@@ -226,13 +226,15 @@ const BIO_METHOD* NodeBIO::GetMethod() {
   // Static initialization ensures that this is safe to use concurrently.
   static const BIO_METHOD* method = [&]() {
     BIO_METHOD* method = BIO_meth_new(BIO_TYPE_MEM, "node.js SSL buffer");
-    BIO_meth_set_write(method, Write);
-    BIO_meth_set_read(method, Read);
-    BIO_meth_set_puts(method, Puts);
-    BIO_meth_set_gets(method, Gets);
-    BIO_meth_set_ctrl(method, Ctrl);
-    BIO_meth_set_create(method, New);
-    BIO_meth_set_destroy(method, Free);
+    if (method != nullptr) {
+      BIO_meth_set_write(method, Write);
+      BIO_meth_set_read(method, Read);
+      BIO_meth_set_puts(method, Puts);
+      BIO_meth_set_gets(method, Gets);
+      BIO_meth_set_ctrl(method, Ctrl);
+      BIO_meth_set_create(method, New);
+      BIO_meth_set_destroy(method, Free);
+    }
     return method;
   }();