From 4162c7d378722581aeea7d90d4aa46ac2c49abd8 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Mon, 22 Aug 2016 23:23:31 +0100
Subject: Fix mem leak on error path

The mem pointed to by cAB can be leaked on an error path.

Reviewed-by: Tim Hudson <tjh@openssl.org>
---
 crypto/srp/srp_lib.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'crypto/srp/srp_lib.c')

diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
index f146f820e7..ddd86b7517 100644
--- a/crypto/srp/srp_lib.c
+++ b/crypto/srp/srp_lib.c
@@ -168,7 +168,7 @@ BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass)
 {
     unsigned char dig[SHA_DIGEST_LENGTH];
     EVP_MD_CTX *ctxt;
-    unsigned char *cs;
+    unsigned char *cs = NULL;
     BIGNUM *res = NULL;
 
     if ((s == NULL) || (user == NULL) || (pass == NULL))
@@ -190,13 +190,15 @@ BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass)
     BN_bn2bin(s, cs);
     if (!EVP_DigestUpdate(ctxt, cs, BN_num_bytes(s)))
         goto err;
-    OPENSSL_free(cs);
+
     if (!EVP_DigestUpdate(ctxt, dig, sizeof(dig))
         || !EVP_DigestFinal_ex(ctxt, dig, NULL))
         goto err;
 
     res = BN_bin2bn(dig, sizeof(dig), NULL);
+
  err:
+    OPENSSL_free(cs);
     EVP_MD_CTX_free(ctxt);
     return res;
 }
-- 
cgit v1.2.3