From 75b940e388c4310718d3b2d41d13e92277ef8efa Mon Sep 17 00:00:00 2001
From: tb <tb@openbsd.org>
Date: Sun, 24 Jul 2022 18:41:08 +0000
Subject: [PATCH] Plug a leak in PKCS12_setup_mac()

based on OpenSSL 1b8f1937 by Dmitry Belyavskiy

ok jsing
---
 lib/libcrypto/pkcs12/p12_mutl.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/libcrypto/pkcs12/p12_mutl.c b/lib/libcrypto/pkcs12/p12_mutl.c
index f3a6ea3ba3a..aaba1e74de9 100644
--- a/lib/libcrypto/pkcs12/p12_mutl.c
+++ b/lib/libcrypto/pkcs12/p12_mutl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p12_mutl.c,v 1.27 2021/12/12 21:30:14 tb Exp $ */
+/* $OpenBSD: p12_mutl.c,v 1.28 2022/07/24 18:41:08 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -174,7 +174,8 @@ int
 PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
     const EVP_MD *md_type)
 {
-	if (!(p12->mac = PKCS12_MAC_DATA_new()))
+	PKCS12_MAC_DATA_free(p12->mac);
+	if ((p12->mac = PKCS12_MAC_DATA_new()) == NULL)
 		return PKCS12_ERROR;
 	if (iter > 1) {
 		if (!(p12->mac->iter = ASN1_INTEGER_new())) {
-- 
2.20.1