From e6b10c344e1fe91d3dc321de7e92640c4ae2fc9b Mon Sep 17 00:00:00 2001
From: Bernd Edlinger
Date: Tue, 24 Oct 2017 16:06:28 +0200
Subject: Fix error handling in SSL_new
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/4580)
---
ssl/ssl_lib.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index cefb0ba5f2..0df69b4da6 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -624,9 +624,13 @@ SSL *SSL_new(SSL_CTX *ctx)
 if (s == NULL)
 goto err;
+ s->references = 1;
 s->lock = CRYPTO_THREAD_lock_new();
- if (s->lock == NULL)
+ if (s->lock == NULL) {
+ OPENSSL_free(s);
+ s = NULL;
 goto err;
+ }
 /*
 * If not using the standard RAND (say for fuzzing), then don't use a
@@ -639,10 +643,8 @@ SSL *SSL_new(SSL_CTX *ctx)
 if (s->drbg == NULL
 || RAND_DRBG_instantiate(s->drbg,
 (const unsigned char *) SSL_version_str,
- sizeof(SSL_version_str) - 1) == 0) {
- CRYPTO_THREAD_lock_free(s->lock);
+ sizeof(SSL_version_str) - 1) == 0)
 goto err;
- }
 }
 RECORD_LAYER_init(&s->rlayer, s);
@@ -653,7 +655,6 @@ SSL *SSL_new(SSL_CTX *ctx)
 s->max_proto_version = ctx->max_proto_version;
 s->mode = ctx->mode;
 s->max_cert_list = ctx->max_cert_list;
- s->references = 1;
 s->max_early_data = ctx->max_early_data;
 /*
--
cgit v1.2.3
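Review bot: The new `s->references = 1;` at the top of the first hunk is order-sensitive but carries no comment saying so. Every later `goto err`, including the DRBG failure branch in the second hunk that no longer frees `s->lock` itself, appears to rely on the shared cleanup seeing a valid reference count and lock. The `err` label lies outside the visible hunks, so its behaviour is inferred here (presumably it calls `SSL_free(s)`). I would add `/* Set before any goto err: the error path releases s through its refcount and s->lock. */` above the assignment, and `/* No lock yet, so free s directly; err must tolerate s == NULL. */` inside the lock-failure branch. That documents the invariant so a later reordering does not bring back the leak or double free on these paths.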