From 7a916089ef1d0ebd5efa2adab5c1d1c539bddc77 Mon Sep 17 00:00:00 2001 From: tb Date: Fri, 10 May 2024 05:12:03 +0000 Subject: [PATCH] Add missing EC_KEY_free() While eckey_from_explicit_params() frees *out_eckey, eckey_from_object() and eckey_from_params() do not. These functions are currently all callled with a NULL *out_eckey, but the latter two would leak if that should ever change. ok jsing --- lib/libcrypto/ec/ec_ameth.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/libcrypto/ec/ec_ameth.c b/lib/libcrypto/ec/ec_ameth.c index 7b2bad45b4d..378261b946b 100644 --- a/lib/libcrypto/ec/ec_ameth.c +++ b/lib/libcrypto/ec/ec_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_ameth.c,v 1.67 2024/04/18 11:56:53 tb Exp $ */ +/* $OpenBSD: ec_ameth.c,v 1.68 2024/05/10 05:12:03 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -173,6 +173,7 @@ eckey_from_object(const ASN1_OBJECT *aobj, EC_KEY **out_eckey) { int nid; + EC_KEY_free(*out_eckey); *out_eckey = NULL; if ((nid = OBJ_obj2nid(aobj)) == NID_undef) @@ -206,6 +207,7 @@ eckey_to_params(EC_KEY *eckey, int *out_type, void **out_val) static int eckey_from_params(int ptype, const void *pval, EC_KEY **out_eckey) { + EC_KEY_free(*out_eckey); *out_eckey = NULL; if (ptype == V_ASN1_SEQUENCE) -- 2.20.1