From f8cc8caab7176a65731520f3130dc059e5d5773e Mon Sep 17 00:00:00 2001
From: Andre Noll
Date: Wed, 29 Aug 2018 12:14:38 +0200
Subject: [PATCH] openssl: Fix memory leak in read_rsa_bignums().

If an error occurs while reading the second bignum we leak the memory allocated for the first bignum.
---
 openssl.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/openssl.c b/openssl.c
index 7d5bb25d..4895e176 100644
--- a/openssl.c
+++ b/openssl.c
@@ -124,11 +124,11 @@ static int read_rsa_bignums(const unsigned char *blob, int blen, RSA **result)
 return -E_BIGNUM;
 ret = read_bignum(p, end - p, &e);
 if (ret < 0)
- goto fail;
+ goto free_rsa;
 p += ret;
 ret = read_bignum(p, end - p, &n);
 if (ret < 0)
- goto fail;
+ goto free_e;
 #ifdef HAVE_RSA_SET0_KEY
 RSA_set0_key(rsa, n, e, NULL);
 #else
@@ -137,7 +137,9 @@ static int read_rsa_bignums(const unsigned char *blob, int blen, RSA **result)
 #endif
 *result = rsa;
 return 1;
-fail:
+free_e:
+ BN_free(e);
+free_rsa:
 RSA_free(rsa);
 return ret;
 }
-- 
2.39.2
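Review bot: The result of `RSA_set0_key(rsa, n, e, NULL)` in the `HAVE_RSA_SET0_KEY` branch is still ignored, so if that call ever returned 0 the function would report success with an RSA object that holds no key, and `n` and `e` would be left without an owner. With both bignums non-NULL the call is not expected to fail, so this is a robustness point rather than a live leak, but checking it would complete the ownership handling this commit starts. As far as the OpenSSL documentation describes it, ownership only moves to `rsa` on success, so the failure path has to free `n` itself and can then reuse the new `free_e` label. The function body starts before and continues past this hunk.

```c
#ifdef HAVE_RSA_SET0_KEY
	if (RSA_set0_key(rsa, n, e, NULL) != 1) {
		/* ownership was not transferred: free n here, e and rsa below */
		BN_free(n);
		ret = -E_BIGNUM;
		goto free_e;
	}
#else
	/* … unchanged: direct assignment of rsa->n and rsa->e … */
```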
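Review bot: The stacked `free_e:` / `free_rsa:` labels are only safe while `e` has not yet been handed to `rsa`, and nothing at the labels records that invariant. A later `goto free_e` placed after `RSA_set0_key()` or the `rsa->e = e` assignment would release `e` twice, once through `BN_free(e)` and again inside `RSA_free(rsa)`. No visible line does that today, so a one-line comment above the label is enough, for example `/* only reached before e is handed to rsa; afterwards RSA_free() releases it */`. The function begins outside this hunk, so earlier exit paths were not reviewed.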