summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authormiod <>2014-07-12 16:03:37 +0000
committermiod <>2014-07-12 16:03:37 +0000
commit1ae7466a2fdd60df6484d8d132d70a044fd58c92 (patch)
treeb756e0522f06b8c8ef257885370d0ada8f818fa8 /src/lib
parent3c4c98fca81949fb441815860d40ad66626df65d (diff)
downloadopenbsd-1ae7466a2fdd60df6484d8d132d70a044fd58c92.tar.gz
openbsd-1ae7466a2fdd60df6484d8d132d70a044fd58c92.tar.bz2
openbsd-1ae7466a2fdd60df6484d8d132d70a044fd58c92.zip
if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/asn1/a_object.c8
-rw-r--r--src/lib/libcrypto/asn1/asn1_par.c11
-rw-r--r--src/lib/libcrypto/asn1/evp_asn1.c8
-rw-r--r--src/lib/libcrypto/asn1/x_pkey.c8
-rw-r--r--src/lib/libcrypto/asn1/x_pubkey.c5
-rw-r--r--src/lib/libcrypto/bn/bn_blind.c17
-rw-r--r--src/lib/libcrypto/bn/bn_lib.c5
-rw-r--r--src/lib/libcrypto/bn/bn_mod.c5
-rw-r--r--src/lib/libcrypto/bn/bn_prime.c5
-rw-r--r--src/lib/libcrypto/bn/bn_print.c5
-rw-r--r--src/lib/libcrypto/cmac/cm_ameth.c5
-rw-r--r--src/lib/libcrypto/cms/cms_asn1.c8
-rw-r--r--src/lib/libcrypto/cms/cms_env.c8
-rw-r--r--src/lib/libcrypto/cms/cms_sd.c5
-rw-r--r--src/lib/libcrypto/dh/dh_ameth.c11
-rw-r--r--src/lib/libcrypto/dh/dh_check.c8
-rw-r--r--src/lib/libcrypto/dh/dh_key.c5
-rw-r--r--src/lib/libcrypto/dh/dh_lib.c23
-rw-r--r--src/lib/libcrypto/dsa/dsa.h4
-rw-r--r--src/lib/libcrypto/dsa/dsa_ameth.c18
-rw-r--r--src/lib/libcrypto/dsa/dsa_gen.c14
-rw-r--r--src/lib/libcrypto/dsa/dsa_key.c5
-rw-r--r--src/lib/libcrypto/dsa/dsa_lib.c26
-rw-r--r--src/lib/libcrypto/dsa/dsa_ossl.c23
-rw-r--r--src/lib/libcrypto/dsa/dsa_sign.c8
-rw-r--r--src/lib/libcrypto/ec/ec2_mult.c11
-rw-r--r--src/lib/libcrypto/ec/ec2_oct.c14
-rw-r--r--src/lib/libcrypto/ec/ec2_smpl.c17
-rw-r--r--src/lib/libcrypto/ec/ec_ameth.c11
-rw-r--r--src/lib/libcrypto/ec/ec_asn1.c45
-rw-r--r--src/lib/libcrypto/ec/ec_check.c8
-rw-r--r--src/lib/libcrypto/ec/ec_curve.c26
-rw-r--r--src/lib/libcrypto/ec/ec_key.c44
-rw-r--r--src/lib/libcrypto/ec/ec_lib.c17
-rw-r--r--src/lib/libcrypto/ec/ec_mult.c20
-rw-r--r--src/lib/libcrypto/ec/ec_pmeth.c8
-rw-r--r--src/lib/libcrypto/ec/eck_prn.c23
-rw-r--r--src/lib/libcrypto/ec/ecp_mont.c57
-rw-r--r--src/lib/libcrypto/ec/ecp_nist.c11
-rw-r--r--src/lib/libcrypto/ec/ecp_nistp224.c20
-rw-r--r--src/lib/libcrypto/ec/ecp_nistp256.c20
-rw-r--r--src/lib/libcrypto/ec/ecp_nistp521.c20
-rw-r--r--src/lib/libcrypto/ec/ecp_oct.c14
-rw-r--r--src/lib/libcrypto/ec/ecp_smpl.c41
-rw-r--r--src/lib/libcrypto/ecdh/ech_ossl.c9
-rw-r--r--src/lib/libcrypto/ecdsa/ecs_ossl.c42
-rw-r--r--src/lib/libcrypto/engine/eng_rsax.c11
-rw-r--r--src/lib/libcrypto/evp/digest.c5
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c4
-rw-r--r--src/lib/libcrypto/evp/pmeth_fn.c5
-rw-r--r--src/lib/libcrypto/evp/pmeth_gn.c5
-rw-r--r--src/lib/libcrypto/evp/pmeth_lib.c8
-rw-r--r--src/lib/libcrypto/pem/pem_pk8.c5
-rw-r--r--src/lib/libcrypto/pem/pem_pkey.c11
-rw-r--r--src/lib/libcrypto/pem/pvkfmt.c17
-rw-r--r--src/lib/libcrypto/pkcs12/p12_key.c14
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_doit.c11
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_lib.c5
-rw-r--r--src/lib/libcrypto/rsa/rsa.h4
-rw-r--r--src/lib/libcrypto/rsa/rsa_saos.c5
-rw-r--r--src/lib/libcrypto/ts/ts_rsp_sign.c5
-rw-r--r--src/lib/libcrypto/x509/x509_cmp.c5
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_object.c8
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1_par.c11
-rw-r--r--src/lib/libssl/src/crypto/asn1/evp_asn1.c8
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_pkey.c8
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_pubkey.c5
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_blind.c17
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_lib.c5
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_mod.c5
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_prime.c5
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_print.c5
-rw-r--r--src/lib/libssl/src/crypto/cmac/cm_ameth.c5
-rw-r--r--src/lib/libssl/src/crypto/cms/cms_asn1.c8
-rw-r--r--src/lib/libssl/src/crypto/cms/cms_env.c8
-rw-r--r--src/lib/libssl/src/crypto/cms/cms_sd.c5
-rw-r--r--src/lib/libssl/src/crypto/dh/dh_ameth.c11
-rw-r--r--src/lib/libssl/src/crypto/dh/dh_check.c8
-rw-r--r--src/lib/libssl/src/crypto/dh/dh_key.c5
-rw-r--r--src/lib/libssl/src/crypto/dh/dh_lib.c23
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa.h4
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_ameth.c18
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_gen.c14
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_key.c5
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_lib.c26
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_ossl.c23
-rw-r--r--src/lib/libssl/src/crypto/dsa/dsa_sign.c8
-rw-r--r--src/lib/libssl/src/crypto/ec/ec2_mult.c11
-rw-r--r--src/lib/libssl/src/crypto/ec/ec2_oct.c14
-rw-r--r--src/lib/libssl/src/crypto/ec/ec2_smpl.c17
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_ameth.c11
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_asn1.c45
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_check.c8
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_curve.c26
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_key.c44
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_lib.c17
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_mult.c20
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_pmeth.c8
-rw-r--r--src/lib/libssl/src/crypto/ec/eck_prn.c23
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_mont.c57
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_nist.c11
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_nistp224.c20
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_nistp256.c20
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_nistp521.c20
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_oct.c14
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_smpl.c41
-rw-r--r--src/lib/libssl/src/crypto/ecdh/ech_ossl.c9
-rw-r--r--src/lib/libssl/src/crypto/ecdsa/ecs_ossl.c42
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_rsax.c11
-rw-r--r--src/lib/libssl/src/crypto/evp/digest.c5
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_pkey.c4
-rw-r--r--src/lib/libssl/src/crypto/evp/pmeth_fn.c5
-rw-r--r--src/lib/libssl/src/crypto/evp/pmeth_gn.c5
-rw-r--r--src/lib/libssl/src/crypto/evp/pmeth_lib.c8
-rw-r--r--src/lib/libssl/src/crypto/pem/pem_pk8.c5
-rw-r--r--src/lib/libssl/src/crypto/pem/pem_pkey.c11
-rw-r--r--src/lib/libssl/src/crypto/pem/pvkfmt.c17
-rw-r--r--src/lib/libssl/src/crypto/pkcs12/p12_key.c14
-rw-r--r--src/lib/libssl/src/crypto/pkcs7/pk7_doit.c11
-rw-r--r--src/lib/libssl/src/crypto/pkcs7/pk7_lib.c5
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa.h4
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_saos.c5
-rw-r--r--src/lib/libssl/src/crypto/ts/ts_rsp_sign.c5
-rw-r--r--src/lib/libssl/src/crypto/x509/x509_cmp.c5
-rw-r--r--src/lib/libssl/src/ssl/ssl_lib.c17
-rw-r--r--src/lib/libssl/src/ssl/ssl_rsa.c5
-rw-r--r--src/lib/libssl/ssl_lib.c17
-rw-r--r--src/lib/libssl/ssl_rsa.c5
128 files changed, 638 insertions, 1098 deletions
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c
index 551aece6ad..863aa6a226 100644
--- a/src/lib/libcrypto/asn1/a_object.c
+++ b/src/lib/libcrypto/asn1/a_object.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_object.c,v 1.21 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: a_object.c,v 1.22 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -206,15 +206,13 @@ a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
206 } 206 }
207 if (tmp != ftmp) 207 if (tmp != ftmp)
208 free(tmp); 208 free(tmp);
209 if (bl) 209 BN_free(bl);
210 BN_free(bl);
211 return (len); 210 return (len);
212 211
213err: 212err:
214 if (tmp != ftmp) 213 if (tmp != ftmp)
215 free(tmp); 214 free(tmp);
216 if (bl) 215 BN_free(bl);
217 BN_free(bl);
218 return (0); 216 return (0);
219} 217}
220 218
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c
index c6f95c42ab..f5e3a8b529 100644
--- a/src/lib/libcrypto/asn1/asn1_par.c
+++ b/src/lib/libcrypto/asn1/asn1_par.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: asn1_par.c,v 1.19 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: asn1_par.c,v 1.20 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -291,10 +291,8 @@ asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset,
291 nl = 1; 291 nl = 1;
292 } 292 }
293 } 293 }
294 if (os != NULL) { 294 M_ASN1_OCTET_STRING_free(os);
295 M_ASN1_OCTET_STRING_free(os); 295 os = NULL;
296 os = NULL;
297 }
298 } else if (tag == V_ASN1_INTEGER) { 296 } else if (tag == V_ASN1_INTEGER) {
299 ASN1_INTEGER *bs; 297 ASN1_INTEGER *bs;
300 int i; 298 int i;
@@ -376,8 +374,7 @@ asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset,
376end: 374end:
377 if (o != NULL) 375 if (o != NULL)
378 ASN1_OBJECT_free(o); 376 ASN1_OBJECT_free(o);
379 if (os != NULL) 377 M_ASN1_OCTET_STRING_free(os);
380 M_ASN1_OCTET_STRING_free(os);
381 *pp = p; 378 *pp = p;
382 return (ret); 379 return (ret);
383} 380}
diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c
index 199c12f9a4..5e21f3c8ae 100644
--- a/src/lib/libcrypto/asn1/evp_asn1.c
+++ b/src/lib/libcrypto/asn1/evp_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_asn1.c,v 1.12 2014/07/11 13:41:59 miod Exp $ */ 1/* $OpenBSD: evp_asn1.c,v 1.13 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -193,9 +193,7 @@ err:
193 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING, 193 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,
194 ASN1_R_DATA_IS_WRONG); 194 ASN1_R_DATA_IS_WRONG);
195 } 195 }
196 if (os != NULL) 196 M_ASN1_OCTET_STRING_free(os);
197 M_ASN1_OCTET_STRING_free(os); 197 M_ASN1_INTEGER_free(ai);
198 if (ai != NULL)
199 M_ASN1_INTEGER_free(ai);
200 return (ret); 198 return (ret);
201} 199}
diff --git a/src/lib/libcrypto/asn1/x_pkey.c b/src/lib/libcrypto/asn1/x_pkey.c
index a5134bc6a2..d454afb72b 100644
--- a/src/lib/libcrypto/asn1/x_pkey.c
+++ b/src/lib/libcrypto/asn1/x_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_pkey.c,v 1.14 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: x_pkey.c,v 1.15 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -149,10 +149,8 @@ X509_PKEY_free(X509_PKEY *x)
149 149
150 if (x->enc_algor != NULL) 150 if (x->enc_algor != NULL)
151 X509_ALGOR_free(x->enc_algor); 151 X509_ALGOR_free(x->enc_algor);
152 if (x->enc_pkey != NULL) 152 M_ASN1_OCTET_STRING_free(x->enc_pkey);
153 M_ASN1_OCTET_STRING_free(x->enc_pkey); 153 EVP_PKEY_free(x->dec_pkey);
154 if (x->dec_pkey != NULL)
155 EVP_PKEY_free(x->dec_pkey);
156 if ((x->key_data != NULL) && (x->key_free)) 154 if ((x->key_data != NULL) && (x->key_free))
157 free(x->key_data); 155 free(x->key_data);
158 free(x); 156 free(x);
diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c
index 87cb25bb50..56cc63059a 100644
--- a/src/lib/libcrypto/asn1/x_pubkey.c
+++ b/src/lib/libcrypto/asn1/x_pubkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_pubkey.c,v 1.21 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: x_pubkey.c,v 1.22 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -183,8 +183,7 @@ X509_PUBKEY_get(X509_PUBKEY *key)
183 return ret; 183 return ret;
184 184
185error: 185error:
186 if (ret != NULL) 186 EVP_PKEY_free(ret);
187 EVP_PKEY_free(ret);
188 return (NULL); 187 return (NULL);
189} 188}
190 189
diff --git a/src/lib/libcrypto/bn/bn_blind.c b/src/lib/libcrypto/bn/bn_blind.c
index 5f559da067..c842f76c6f 100644
--- a/src/lib/libcrypto/bn/bn_blind.c
+++ b/src/lib/libcrypto/bn/bn_blind.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_blind.c,v 1.13 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: bn_blind.c,v 1.14 2014/07/12 16:03:36 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -181,14 +181,10 @@ BN_BLINDING_free(BN_BLINDING *r)
181 if (r == NULL) 181 if (r == NULL)
182 return; 182 return;
183 183
184 if (r->A != NULL) 184 BN_clear_free(r->A);
185 BN_clear_free(r->A ); 185 BN_clear_free(r->Ai);
186 if (r->Ai != NULL) 186 BN_clear_free(r->e);
187 BN_clear_free(r->Ai); 187 BN_clear_free(r->mod);
188 if (r->e != NULL)
189 BN_clear_free(r->e );
190 if (r->mod != NULL)
191 BN_clear_free(r->mod);
192 free(r); 188 free(r);
193} 189}
194 190
@@ -341,8 +337,7 @@ BN_BLINDING_create_param(BN_BLINDING *b, const BIGNUM *e, BIGNUM *m,
341 goto err; 337 goto err;
342 338
343 if (e != NULL) { 339 if (e != NULL) {
344 if (ret->e != NULL) 340 BN_free(ret->e);
345 BN_free(ret->e);
346 ret->e = BN_dup(e); 341 ret->e = BN_dup(e);
347 } 342 }
348 if (ret->e == NULL) 343 if (ret->e == NULL)
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
index 4ee9b2bbde..d0cb49cd1e 100644
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_lib.c,v 1.32 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_lib.c,v 1.33 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -585,8 +585,7 @@ BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
585 i = ((n - 1) / BN_BYTES) + 1; 585 i = ((n - 1) / BN_BYTES) + 1;
586 m = ((n - 1) % (BN_BYTES)); 586 m = ((n - 1) % (BN_BYTES));
587 if (bn_wexpand(ret, (int)i) == NULL) { 587 if (bn_wexpand(ret, (int)i) == NULL) {
588 if (bn) 588 BN_free(bn);
589 BN_free(bn);
590 return NULL; 589 return NULL;
591 } 590 }
592 ret->top = i; 591 ret->top = i;
diff --git a/src/lib/libcrypto/bn/bn_mod.c b/src/lib/libcrypto/bn/bn_mod.c
index a503ff3b1b..67bd3541b0 100644
--- a/src/lib/libcrypto/bn/bn_mod.c
+++ b/src/lib/libcrypto/bn/bn_mod.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_mod.c,v 1.8 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_mod.c,v 1.9 2014/07/12 16:03:36 miod Exp $ */
2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * for the OpenSSL project. */ 3 * for the OpenSSL project. */
4/* ==================================================================== 4/* ====================================================================
@@ -253,8 +253,7 @@ BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx)
253 ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m)); 253 ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m));
254 bn_check_top(r); 254 bn_check_top(r);
255 255
256 if (abs_m) 256 BN_free(abs_m);
257 BN_free(abs_m);
258 return ret; 257 return ret;
259} 258}
260 259
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c
index db786a63ef..27468ceb93 100644
--- a/src/lib/libcrypto/bn/bn_prime.c
+++ b/src/lib/libcrypto/bn/bn_prime.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_prime.c,v 1.10 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_prime.c,v 1.11 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -344,8 +344,7 @@ err:
344 if (ctx_passed == NULL) 344 if (ctx_passed == NULL)
345 BN_CTX_free(ctx); 345 BN_CTX_free(ctx);
346 } 346 }
347 if (mont != NULL) 347 BN_MONT_CTX_free(mont);
348 BN_MONT_CTX_free(mont);
349 348
350 return (ret); 349 return (ret);
351} 350}
diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c
index ccdae5ae09..4920705a5b 100644
--- a/src/lib/libcrypto/bn/bn_print.c
+++ b/src/lib/libcrypto/bn/bn_print.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_print.c,v 1.22 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_print.c,v 1.23 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -163,8 +163,7 @@ BN_bn2dec(const BIGNUM *a)
163 163
164err: 164err:
165 free(bn_data); 165 free(bn_data);
166 if (t != NULL) 166 BN_free(t);
167 BN_free(t);
168 if (!ok && buf) { 167 if (!ok && buf) {
169 free(buf); 168 free(buf);
170 buf = NULL; 169 buf = NULL;
diff --git a/src/lib/libcrypto/cmac/cm_ameth.c b/src/lib/libcrypto/cmac/cm_ameth.c
index 39d8ad3aa8..e7e7fe0f80 100644
--- a/src/lib/libcrypto/cmac/cm_ameth.c
+++ b/src/lib/libcrypto/cmac/cm_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cm_ameth.c,v 1.6 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: cm_ameth.c,v 1.7 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2010. 3 * project 2010.
4 */ 4 */
@@ -74,8 +74,7 @@ cmac_key_free(EVP_PKEY *pkey)
74{ 74{
75 CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr; 75 CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr;
76 76
77 if (cmctx) 77 CMAC_CTX_free(cmctx);
78 CMAC_CTX_free(cmctx);
79} 78}
80 79
81const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { 80const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {
diff --git a/src/lib/libcrypto/cms/cms_asn1.c b/src/lib/libcrypto/cms/cms_asn1.c
index a75fa26137..fbdac5b1ba 100644
--- a/src/lib/libcrypto/cms/cms_asn1.c
+++ b/src/lib/libcrypto/cms/cms_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_asn1.c,v 1.4 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: cms_asn1.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -91,8 +91,7 @@ cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
91{ 91{
92 if (operation == ASN1_OP_FREE_POST) { 92 if (operation == ASN1_OP_FREE_POST) {
93 CMS_SignerInfo *si = (CMS_SignerInfo *)*pval; 93 CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
94 if (si->pkey) 94 EVP_PKEY_free(si->pkey);
95 EVP_PKEY_free(si->pkey);
96 if (si->signer) 95 if (si->signer)
97 X509_free(si->signer); 96 X509_free(si->signer);
98 } 97 }
@@ -219,8 +218,7 @@ cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
219 CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval; 218 CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
220 if (ri->type == CMS_RECIPINFO_TRANS) { 219 if (ri->type == CMS_RECIPINFO_TRANS) {
221 CMS_KeyTransRecipientInfo *ktri = ri->d.ktri; 220 CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
222 if (ktri->pkey) 221 EVP_PKEY_free(ktri->pkey);
223 EVP_PKEY_free(ktri->pkey);
224 if (ktri->recip) 222 if (ktri->recip)
225 X509_free(ktri->recip); 223 X509_free(ktri->recip);
226 } else if (ri->type == CMS_RECIPINFO_KEK) { 224 } else if (ri->type == CMS_RECIPINFO_KEK) {
diff --git a/src/lib/libcrypto/cms/cms_env.c b/src/lib/libcrypto/cms/cms_env.c
index 66ec1a9343..19c86b9550 100644
--- a/src/lib/libcrypto/cms/cms_env.c
+++ b/src/lib/libcrypto/cms/cms_env.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_env.c,v 1.6 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: cms_env.c,v 1.7 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -346,8 +346,7 @@ cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
346 ret = 1; 346 ret = 1;
347 347
348err: 348err:
349 if (pctx) 349 EVP_PKEY_CTX_free(pctx);
350 EVP_PKEY_CTX_free(pctx);
351 free(ek); 350 free(ek);
352 return ret; 351 return ret;
353} 352}
@@ -416,8 +415,7 @@ cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
416 ec->keylen = eklen; 415 ec->keylen = eklen;
417 416
418err: 417err:
419 if (pctx) 418 EVP_PKEY_CTX_free(pctx);
420 EVP_PKEY_CTX_free(pctx);
421 if (!ret && ek) 419 if (!ret && ek)
422 free(ek); 420 free(ek);
423 421
diff --git a/src/lib/libcrypto/cms/cms_sd.c b/src/lib/libcrypto/cms/cms_sd.c
index 7e490c0988..70ad897bda 100644
--- a/src/lib/libcrypto/cms/cms_sd.c
+++ b/src/lib/libcrypto/cms/cms_sd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_sd.c,v 1.7 2014/07/11 13:02:10 miod Exp $ */ 1/* $OpenBSD: cms_sd.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -495,8 +495,7 @@ CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer)
495{ 495{
496 if (signer) { 496 if (signer) {
497 CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509); 497 CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
498 if (si->pkey) 498 EVP_PKEY_free(si->pkey);
499 EVP_PKEY_free(si->pkey);
500 si->pkey = X509_get_pubkey(signer); 499 si->pkey = X509_get_pubkey(signer);
501 } 500 }
502 if (si->signer) 501 if (si->signer)
diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c
index 91178a92b0..729c996a1b 100644
--- a/src/lib/libcrypto/dh/dh_ameth.c
+++ b/src/lib/libcrypto/dh/dh_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_ameth.c,v 1.11 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dh_ameth.c,v 1.12 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -120,8 +120,7 @@ dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
120err: 120err:
121 if (public_key) 121 if (public_key)
122 ASN1_INTEGER_free(public_key); 122 ASN1_INTEGER_free(public_key);
123 if (dh) 123 DH_free(dh);
124 DH_free(dh);
125 return 0; 124 return 0;
126} 125}
127 126
@@ -409,14 +408,12 @@ dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
409 408
410 if ((a = BN_dup(from->pkey.dh->p)) == NULL) 409 if ((a = BN_dup(from->pkey.dh->p)) == NULL)
411 return 0; 410 return 0;
412 if (to->pkey.dh->p != NULL) 411 BN_free(to->pkey.dh->p);
413 BN_free(to->pkey.dh->p);
414 to->pkey.dh->p = a; 412 to->pkey.dh->p = a;
415 413
416 if ((a = BN_dup(from->pkey.dh->g)) == NULL) 414 if ((a = BN_dup(from->pkey.dh->g)) == NULL)
417 return 0; 415 return 0;
418 if (to->pkey.dh->g != NULL) 416 BN_free(to->pkey.dh->g);
419 BN_free(to->pkey.dh->g);
420 to->pkey.dh->g = a; 417 to->pkey.dh->g = a;
421 418
422 return 1; 419 return 1;
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
index 01b9531a44..0f6c50b055 100644
--- a/src/lib/libcrypto/dh/dh_check.c
+++ b/src/lib/libcrypto/dh/dh_check.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_check.c,v 1.13 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dh_check.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -114,10 +114,8 @@ DH_check(const DH *dh, int *ret)
114 } 114 }
115 ok = 1; 115 ok = 1;
116err: 116err:
117 if (ctx != NULL) 117 BN_CTX_free(ctx);
118 BN_CTX_free(ctx); 118 BN_free(q);
119 if (q != NULL)
120 BN_free(q);
121 return ok; 119 return ok;
122} 120}
123 121
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index 6d90816122..132ba5cfa4 100644
--- a/src/lib/libcrypto/dh/dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_key.c,v 1.20 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dh_key.c,v 1.21 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -260,7 +260,6 @@ dh_init(DH *dh)
260static int 260static int
261dh_finish(DH *dh) 261dh_finish(DH *dh)
262{ 262{
263 if (dh->method_mont_p) 263 BN_MONT_CTX_free(dh->method_mont_p);
264 BN_MONT_CTX_free(dh->method_mont_p);
265 return 1; 264 return 1;
266} 265}
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
index 0a956e5416..c438f387c0 100644
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ b/src/lib/libcrypto/dh/dh_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_lib.c,v 1.19 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dh_lib.c,v 1.20 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -194,21 +194,14 @@ DH_free(DH *r)
194 194
195 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); 195 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
196 196
197 if (r->p != NULL) 197 BN_clear_free(r->p);
198 BN_clear_free(r->p); 198 BN_clear_free(r->g);
199 if (r->g != NULL) 199 BN_clear_free(r->q);
200 BN_clear_free(r->g); 200 BN_clear_free(r->j);
201 if (r->q != NULL)
202 BN_clear_free(r->q);
203 if (r->j != NULL)
204 BN_clear_free(r->j);
205 free(r->seed); 201 free(r->seed);
206 if (r->counter != NULL) 202 BN_clear_free(r->counter);
207 BN_clear_free(r->counter); 203 BN_clear_free(r->pub_key);
208 if (r->pub_key != NULL) 204 BN_clear_free(r->priv_key);
209 BN_clear_free(r->pub_key);
210 if (r->priv_key != NULL)
211 BN_clear_free(r->priv_key);
212 free(r); 205 free(r);
213} 206}
214 207
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h
index c1264ac325..bd7b26070d 100644
--- a/src/lib/libcrypto/dsa/dsa.h
+++ b/src/lib/libcrypto/dsa/dsa.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa.h,v 1.17 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: dsa.h,v 1.18 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -206,7 +206,7 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *);
206 206
207DSA * DSA_new(void); 207DSA * DSA_new(void);
208DSA * DSA_new_method(ENGINE *engine); 208DSA * DSA_new_method(ENGINE *engine);
209void DSA_free (DSA *r); 209void DSA_free(DSA *r);
210/* "up" the DSA object's reference count */ 210/* "up" the DSA object's reference count */
211int DSA_up_ref(DSA *r); 211int DSA_up_ref(DSA *r);
212int DSA_size(const DSA *); 212int DSA_size(const DSA *);
diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c
index 73c58ec94c..7da4ac5695 100644
--- a/src/lib/libcrypto/dsa/dsa_ameth.c
+++ b/src/lib/libcrypto/dsa/dsa_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_ameth.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_ameth.c,v 1.13 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -125,8 +125,7 @@ dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
125err: 125err:
126 if (public_key) 126 if (public_key)
127 ASN1_INTEGER_free(public_key); 127 ASN1_INTEGER_free(public_key);
128 if (dsa) 128 DSA_free(dsa);
129 DSA_free(dsa);
130 return 0; 129 return 0;
131} 130}
132 131
@@ -264,7 +263,7 @@ dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
264 } 263 }
265 264
266 EVP_PKEY_assign_DSA(pkey, dsa); 265 EVP_PKEY_assign_DSA(pkey, dsa);
267 BN_CTX_free (ctx); 266 BN_CTX_free(ctx);
268 if (ndsa) 267 if (ndsa)
269 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 268 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
270 else 269 else
@@ -275,7 +274,7 @@ dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
275decerr: 274decerr:
276 DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR); 275 DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
277dsaerr: 276dsaerr:
278 BN_CTX_free (ctx); 277 BN_CTX_free(ctx);
279 if (privkey) 278 if (privkey)
280 ASN1_INTEGER_free(privkey); 279 ASN1_INTEGER_free(privkey);
281 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 280 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
@@ -358,20 +357,17 @@ dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
358 357
359 if ((a = BN_dup(from->pkey.dsa->p)) == NULL) 358 if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
360 return 0; 359 return 0;
361 if (to->pkey.dsa->p != NULL) 360 BN_free(to->pkey.dsa->p);
362 BN_free(to->pkey.dsa->p);
363 to->pkey.dsa->p = a; 361 to->pkey.dsa->p = a;
364 362
365 if ((a = BN_dup(from->pkey.dsa->q)) == NULL) 363 if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
366 return 0; 364 return 0;
367 if (to->pkey.dsa->q != NULL) 365 BN_free(to->pkey.dsa->q);
368 BN_free(to->pkey.dsa->q);
369 to->pkey.dsa->q = a; 366 to->pkey.dsa->q = a;
370 367
371 if ((a = BN_dup(from->pkey.dsa->g)) == NULL) 368 if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
372 return 0; 369 return 0;
373 if (to->pkey.dsa->g != NULL) 370 BN_free(to->pkey.dsa->g);
374 BN_free(to->pkey.dsa->g);
375 to->pkey.dsa->g = a; 371 to->pkey.dsa->g = a;
376 return 1; 372 return 1;
377} 373}
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
index d41e7562e1..a3d07b901a 100644
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ b/src/lib/libcrypto/dsa/dsa_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_gen.c,v 1.15 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_gen.c,v 1.16 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -322,12 +322,9 @@ end:
322 ok = 1; 322 ok = 1;
323err: 323err:
324 if (ok) { 324 if (ok) {
325 if (ret->p) 325 BN_free(ret->p);
326 BN_free(ret->p); 326 BN_free(ret->q);
327 if (ret->q) 327 BN_free(ret->g);
328 BN_free(ret->q);
329 if (ret->g)
330 BN_free(ret->g);
331 ret->p = BN_dup(p); 328 ret->p = BN_dup(p);
332 ret->q = BN_dup(q); 329 ret->q = BN_dup(q);
333 ret->g = BN_dup(g); 330 ret->g = BN_dup(g);
@@ -346,8 +343,7 @@ err:
346 BN_CTX_end(ctx); 343 BN_CTX_end(ctx);
347 BN_CTX_free(ctx); 344 BN_CTX_free(ctx);
348 } 345 }
349 if (mont != NULL) 346 BN_MONT_CTX_free(mont);
350 BN_MONT_CTX_free(mont);
351 return ok; 347 return ok;
352} 348}
353#endif 349#endif
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c
index 4573ecbcce..4dc28dbb90 100644
--- a/src/lib/libcrypto/dsa/dsa_key.c
+++ b/src/lib/libcrypto/dsa/dsa_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_key.c,v 1.18 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_key.c,v 1.19 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -128,8 +128,7 @@ err:
128 BN_free(pub_key); 128 BN_free(pub_key);
129 if (priv_key != NULL && dsa->priv_key == NULL) 129 if (priv_key != NULL && dsa->priv_key == NULL)
130 BN_free(priv_key); 130 BN_free(priv_key);
131 if (ctx != NULL) 131 BN_CTX_free(ctx);
132 BN_CTX_free(ctx);
133 return ok; 132 return ok;
134} 133}
135#endif 134#endif
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
index 97307134cd..1cfd6ce6b8 100644
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_lib.c,v 1.20 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_lib.c,v 1.21 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -201,20 +201,13 @@ DSA_free(DSA *r)
201 201
202 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); 202 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
203 203
204 if (r->p != NULL) 204 BN_clear_free(r->p);
205 BN_clear_free(r->p); 205 BN_clear_free(r->q);
206 if (r->q != NULL) 206 BN_clear_free(r->g);
207 BN_clear_free(r->q); 207 BN_clear_free(r->pub_key);
208 if (r->g != NULL) 208 BN_clear_free(r->priv_key);
209 BN_clear_free(r->g); 209 BN_clear_free(r->kinv);
210 if (r->pub_key != NULL) 210 BN_clear_free(r->r);
211 BN_clear_free(r->pub_key);
212 if (r->priv_key != NULL)
213 BN_clear_free(r->priv_key);
214 if (r->kinv != NULL)
215 BN_clear_free(r->kinv);
216 if (r->r != NULL)
217 BN_clear_free(r->r);
218 free(r); 211 free(r);
219} 212}
220 213
@@ -305,8 +298,7 @@ DSA_dup_DH(const DSA *r)
305 return ret; 298 return ret;
306 299
307err: 300err:
308 if (ret != NULL) 301 DH_free(ret);
309 DH_free(ret);
310 return NULL; 302 return NULL;
311} 303}
312#endif 304#endif
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index 5bff836c50..e372853063 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_ossl.c,v 1.20 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_ossl.c,v 1.21 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -212,12 +212,10 @@ err:
212 BN_free(r); 212 BN_free(r);
213 BN_free(s); 213 BN_free(s);
214 } 214 }
215 if (ctx != NULL) 215 BN_CTX_free(ctx);
216 BN_CTX_free(ctx);
217 BN_clear_free(&m); 216 BN_clear_free(&m);
218 BN_clear_free(&xr); 217 BN_clear_free(&xr);
219 if (kinv != NULL) /* dsa->kinv is NULL now if we used it */ 218 BN_clear_free(kinv);
220 BN_clear_free(kinv);
221 return ret; 219 return ret;
222} 220}
223 221
@@ -295,19 +293,16 @@ dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
295 if ((kinv = BN_mod_inverse(NULL, &k, dsa->q, ctx)) == NULL) 293 if ((kinv = BN_mod_inverse(NULL, &k, dsa->q, ctx)) == NULL)
296 goto err; 294 goto err;
297 295
298 if (*kinvp != NULL) 296 BN_clear_free(*kinvp);
299 BN_clear_free(*kinvp);
300 *kinvp = kinv; 297 *kinvp = kinv;
301 kinv = NULL; 298 kinv = NULL;
302 if (*rp != NULL) 299 BN_clear_free(*rp);
303 BN_clear_free(*rp);
304 *rp = r; 300 *rp = r;
305 ret = 1; 301 ret = 1;
306err: 302err:
307 if (!ret) { 303 if (!ret) {
308 DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB); 304 DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB);
309 if (r != NULL) 305 BN_clear_free(r);
310 BN_clear_free(r);
311 } 306 }
312 if (ctx_in == NULL) 307 if (ctx_in == NULL)
313 BN_CTX_free(ctx); 308 BN_CTX_free(ctx);
@@ -406,8 +401,7 @@ err:
406 there is no error in BN. Test should be ret == -1 (Ben) */ 401 there is no error in BN. Test should be ret == -1 (Ben) */
407 if (ret != 1) 402 if (ret != 1)
408 DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_BN_LIB); 403 DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_BN_LIB);
409 if (ctx != NULL) 404 BN_CTX_free(ctx);
410 BN_CTX_free(ctx);
411 BN_free(&u1); 405 BN_free(&u1);
412 BN_free(&u2); 406 BN_free(&u2);
413 BN_free(&t1); 407 BN_free(&t1);
@@ -424,8 +418,7 @@ dsa_init(DSA *dsa)
424static int 418static int
425dsa_finish(DSA *dsa) 419dsa_finish(DSA *dsa)
426{ 420{
427 if (dsa->method_mont_p) 421 BN_MONT_CTX_free(dsa->method_mont_p);
428 BN_MONT_CTX_free(dsa->method_mont_p);
429 return 1; 422 return 1;
430} 423}
431 424
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c
index efeb35477c..80e002c4a7 100644
--- a/src/lib/libcrypto/dsa/dsa_sign.c
+++ b/src/lib/libcrypto/dsa/dsa_sign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_sign.c,v 1.17 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_sign.c,v 1.18 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -91,10 +91,8 @@ void
91DSA_SIG_free(DSA_SIG *sig) 91DSA_SIG_free(DSA_SIG *sig)
92{ 92{
93 if (sig) { 93 if (sig) {
94 if (sig->r) 94 BN_free(sig->r);
95 BN_free(sig->r); 95 BN_free(sig->s);
96 if (sig->s)
97 BN_free(sig->s);
98 free(sig); 96 free(sig);
99 } 97 }
100} 98}
diff --git a/src/lib/libcrypto/ec/ec2_mult.c b/src/lib/libcrypto/ec/ec2_mult.c
index 6c3a759dc8..c74571f88c 100644
--- a/src/lib/libcrypto/ec/ec2_mult.c
+++ b/src/lib/libcrypto/ec/ec2_mult.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_mult.c,v 1.4 2014/07/10 22:45:56 jsing Exp $ */ 1/* $OpenBSD: ec2_mult.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -421,12 +421,9 @@ ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
421 ret = 1; 421 ret = 1;
422 422
423err: 423err:
424 if (p) 424 EC_POINT_free(p);
425 EC_POINT_free(p); 425 EC_POINT_free(acc);
426 if (acc) 426 BN_CTX_free(new_ctx);
427 EC_POINT_free(acc);
428 if (new_ctx != NULL)
429 BN_CTX_free(new_ctx);
430 return ret; 427 return ret;
431} 428}
432 429
diff --git a/src/lib/libcrypto/ec/ec2_oct.c b/src/lib/libcrypto/ec/ec2_oct.c
index 5150423b99..3b8039af6e 100644
--- a/src/lib/libcrypto/ec/ec2_oct.c
+++ b/src/lib/libcrypto/ec/ec2_oct.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_oct.c,v 1.4 2014/07/10 22:45:56 jsing Exp $ */ 1/* $OpenBSD: ec2_oct.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -157,8 +157,7 @@ ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point
157 157
158err: 158err:
159 BN_CTX_end(ctx); 159 BN_CTX_end(ctx);
160 if (new_ctx != NULL) 160 BN_CTX_free(new_ctx);
161 BN_CTX_free(new_ctx);
162 return ret; 161 return ret;
163} 162}
164 163
@@ -267,15 +266,13 @@ ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
267 } 266 }
268 if (used_ctx) 267 if (used_ctx)
269 BN_CTX_end(ctx); 268 BN_CTX_end(ctx);
270 if (new_ctx != NULL) 269 BN_CTX_free(new_ctx);
271 BN_CTX_free(new_ctx);
272 return ret; 270 return ret;
273 271
274err: 272err:
275 if (used_ctx) 273 if (used_ctx)
276 BN_CTX_end(ctx); 274 BN_CTX_end(ctx);
277 if (new_ctx != NULL) 275 BN_CTX_free(new_ctx);
278 BN_CTX_free(new_ctx);
279 return 0; 276 return 0;
280} 277}
281 278
@@ -375,8 +372,7 @@ ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
375 372
376err: 373err:
377 BN_CTX_end(ctx); 374 BN_CTX_end(ctx);
378 if (new_ctx != NULL) 375 BN_CTX_free(new_ctx);
379 BN_CTX_free(new_ctx);
380 return ret; 376 return ret;
381} 377}
382#endif 378#endif
diff --git a/src/lib/libcrypto/ec/ec2_smpl.c b/src/lib/libcrypto/ec/ec2_smpl.c
index 001ffcc077..0031a161c7 100644
--- a/src/lib/libcrypto/ec/ec2_smpl.c
+++ b/src/lib/libcrypto/ec/ec2_smpl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_smpl.c,v 1.11 2014/07/10 22:45:56 jsing Exp $ */ 1/* $OpenBSD: ec2_smpl.c,v 1.12 2014/07/12 16:03:37 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -310,8 +310,7 @@ ec_GF2m_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx)
310err: 310err:
311 if (ctx != NULL) 311 if (ctx != NULL)
312 BN_CTX_end(ctx); 312 BN_CTX_end(ctx);
313 if (new_ctx != NULL) 313 BN_CTX_free(new_ctx);
314 BN_CTX_free(new_ctx);
315 return ret; 314 return ret;
316} 315}
317 316
@@ -547,8 +546,7 @@ ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
547 546
548err: 547err:
549 BN_CTX_end(ctx); 548 BN_CTX_end(ctx);
550 if (new_ctx != NULL) 549 BN_CTX_free(new_ctx);
551 BN_CTX_free(new_ctx);
552 return ret; 550 return ret;
553} 551}
554 552
@@ -641,8 +639,7 @@ ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX
641err: 639err:
642 if (ctx) 640 if (ctx)
643 BN_CTX_end(ctx); 641 BN_CTX_end(ctx);
644 if (new_ctx) 642 BN_CTX_free(new_ctx);
645 BN_CTX_free(new_ctx);
646 return ret; 643 return ret;
647} 644}
648 645
@@ -691,8 +688,7 @@ ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT *
691err: 688err:
692 if (ctx) 689 if (ctx)
693 BN_CTX_end(ctx); 690 BN_CTX_end(ctx);
694 if (new_ctx) 691 BN_CTX_free(new_ctx);
695 BN_CTX_free(new_ctx);
696 return ret; 692 return ret;
697} 693}
698 694
@@ -733,8 +729,7 @@ ec_GF2m_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ct
733err: 729err:
734 if (ctx) 730 if (ctx)
735 BN_CTX_end(ctx); 731 BN_CTX_end(ctx);
736 if (new_ctx) 732 BN_CTX_free(new_ctx);
737 BN_CTX_free(new_ctx);
738 return ret; 733 return ret;
739} 734}
740 735
diff --git a/src/lib/libcrypto/ec/ec_ameth.c b/src/lib/libcrypto/ec/ec_ameth.c
index 93e305b71a..c201815621 100644
--- a/src/lib/libcrypto/ec/ec_ameth.c
+++ b/src/lib/libcrypto/ec/ec_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_ameth.c,v 1.11 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: ec_ameth.c,v 1.12 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -492,12 +492,9 @@ do_EC_KEY_print(BIO * bp, const EC_KEY * x, int off, int ktype)
492err: 492err:
493 if (!ret) 493 if (!ret)
494 ECerr(EC_F_DO_EC_KEY_PRINT, reason); 494 ECerr(EC_F_DO_EC_KEY_PRINT, reason);
495 if (pub_key) 495 BN_free(pub_key);
496 BN_free(pub_key); 496 BN_free(order);
497 if (order) 497 BN_CTX_free(ctx);
498 BN_free(order);
499 if (ctx)
500 BN_CTX_free(ctx);
501 free(buffer); 498 free(buffer);
502 return (ret); 499 return (ret);
503} 500}
diff --git a/src/lib/libcrypto/ec/ec_asn1.c b/src/lib/libcrypto/ec/ec_asn1.c
index ef87b599f2..c54f6593d5 100644
--- a/src/lib/libcrypto/ec/ec_asn1.c
+++ b/src/lib/libcrypto/ec/ec_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_asn1.c,v 1.9 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ec_asn1.c,v 1.10 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -404,8 +404,8 @@ ec_asn1_group2fieldid(const EC_GROUP * group, X9_62_FIELDID * field)
404 404
405 ok = 1; 405 ok = 1;
406 406
407err: if (tmp) 407err:
408 BN_free(tmp); 408 BN_free(tmp);
409 return (ok); 409 return (ok);
410} 410}
411 411
@@ -509,12 +509,11 @@ ec_asn1_group2curve(const EC_GROUP * group, X9_62_CURVE * curve)
509 509
510 ok = 1; 510 ok = 1;
511 511
512err: free(buffer_1); 512err:
513 free(buffer_1);
513 free(buffer_2); 514 free(buffer_2);
514 if (tmp_1) 515 BN_free(tmp_1);
515 BN_free(tmp_1); 516 BN_free(tmp_2);
516 if (tmp_2)
517 BN_free(tmp_2);
518 return (ok); 517 return (ok);
519} 518}
520 519
@@ -608,8 +607,7 @@ err: if (!ok) {
608 ECPARAMETERS_free(ret); 607 ECPARAMETERS_free(ret);
609 ret = NULL; 608 ret = NULL;
610 } 609 }
611 if (tmp) 610 BN_free(tmp);
612 BN_free(tmp);
613 free(buffer); 611 free(buffer);
614 return (ret); 612 return (ret);
615} 613}
@@ -849,10 +847,8 @@ ec_asn1_parameters2group(const ECPARAMETERS * params)
849 } 847 }
850 /* extract the cofactor (optional) */ 848 /* extract the cofactor (optional) */
851 if (params->cofactor == NULL) { 849 if (params->cofactor == NULL) {
852 if (b) { 850 BN_free(b);
853 BN_free(b); 851 b = NULL;
854 b = NULL;
855 }
856 } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) { 852 } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) {
857 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB); 853 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
858 goto err; 854 goto err;
@@ -865,18 +861,13 @@ ec_asn1_parameters2group(const ECPARAMETERS * params)
865 ok = 1; 861 ok = 1;
866 862
867err: if (!ok) { 863err: if (!ok) {
868 if (ret) 864 EC_GROUP_clear_free(ret);
869 EC_GROUP_clear_free(ret);
870 ret = NULL; 865 ret = NULL;
871 } 866 }
872 if (p) 867 BN_free(p);
873 BN_free(p); 868 BN_free(a);
874 if (a) 869 BN_free(b);
875 BN_free(a); 870 EC_POINT_free(point);
876 if (b)
877 BN_free(b);
878 if (point)
879 EC_POINT_free(point);
880 return (ret); 871 return (ret);
881} 872}
882 873
@@ -992,8 +983,7 @@ d2i_ECPrivateKey(EC_KEY ** a, const unsigned char **in, long len)
992 ret = *a; 983 ret = *a;
993 984
994 if (priv_key->parameters) { 985 if (priv_key->parameters) {
995 if (ret->group) 986 EC_GROUP_clear_free(ret->group);
996 EC_GROUP_clear_free(ret->group);
997 ret->group = ec_asn1_pkparameters2group(priv_key->parameters); 987 ret->group = ec_asn1_pkparameters2group(priv_key->parameters);
998 } 988 }
999 if (ret->group == NULL) { 989 if (ret->group == NULL) {
@@ -1022,8 +1012,7 @@ d2i_ECPrivateKey(EC_KEY ** a, const unsigned char **in, long len)
1022 const unsigned char *pub_oct; 1012 const unsigned char *pub_oct;
1023 size_t pub_oct_len; 1013 size_t pub_oct_len;
1024 1014
1025 if (ret->pub_key) 1015 EC_POINT_clear_free(ret->pub_key);
1026 EC_POINT_clear_free(ret->pub_key);
1027 ret->pub_key = EC_POINT_new(ret->group); 1016 ret->pub_key = EC_POINT_new(ret->group);
1028 if (ret->pub_key == NULL) { 1017 if (ret->pub_key == NULL) {
1029 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); 1018 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
diff --git a/src/lib/libcrypto/ec/ec_check.c b/src/lib/libcrypto/ec/ec_check.c
index 585590514f..779e03cc2b 100644
--- a/src/lib/libcrypto/ec/ec_check.c
+++ b/src/lib/libcrypto/ec/ec_check.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_check.c,v 1.3 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ec_check.c,v 1.4 2014/07/12 16:03:37 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -109,9 +109,7 @@ EC_GROUP_check(const EC_GROUP * group, BN_CTX * ctx)
109err: 109err:
110 if (ctx != NULL) 110 if (ctx != NULL)
111 BN_CTX_end(ctx); 111 BN_CTX_end(ctx);
112 if (new_ctx != NULL) 112 BN_CTX_free(new_ctx);
113 BN_CTX_free(new_ctx); 113 EC_POINT_free(point);
114 if (point)
115 EC_POINT_free(point);
116 return ret; 114 return ret;
117} 115}
diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c
index baac8c7156..9d36d0bf22 100644
--- a/src/lib/libcrypto/ec/ec_curve.c
+++ b/src/lib/libcrypto/ec/ec_curve.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_curve.c,v 1.6 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ec_curve.c,v 1.7 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -2981,22 +2981,14 @@ err:
2981 EC_GROUP_free(group); 2981 EC_GROUP_free(group);
2982 group = NULL; 2982 group = NULL;
2983 } 2983 }
2984 if (P) 2984 EC_POINT_free(P);
2985 EC_POINT_free(P); 2985 BN_CTX_free(ctx);
2986 if (ctx) 2986 BN_free(p);
2987 BN_CTX_free(ctx); 2987 BN_free(a);
2988 if (p) 2988 BN_free(b);
2989 BN_free(p); 2989 BN_free(order);
2990 if (a) 2990 BN_free(x);
2991 BN_free(a); 2991 BN_free(y);
2992 if (b)
2993 BN_free(b);
2994 if (order)
2995 BN_free(order);
2996 if (x)
2997 BN_free(x);
2998 if (y)
2999 BN_free(y);
3000 return group; 2992 return group;
3001} 2993}
3002 2994
diff --git a/src/lib/libcrypto/ec/ec_key.c b/src/lib/libcrypto/ec/ec_key.c
index 7067a949da..1154c4dbf5 100644
--- a/src/lib/libcrypto/ec/ec_key.c
+++ b/src/lib/libcrypto/ec/ec_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_key.c,v 1.8 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ec_key.c,v 1.9 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -116,12 +116,9 @@ EC_KEY_free(EC_KEY * r)
116 if (i > 0) 116 if (i > 0)
117 return; 117 return;
118 118
119 if (r->group != NULL) 119 EC_GROUP_free(r->group);
120 EC_GROUP_free(r->group); 120 EC_POINT_free(r->pub_key);
121 if (r->pub_key != NULL) 121 BN_clear_free(r->priv_key);
122 EC_POINT_free(r->pub_key);
123 if (r->priv_key != NULL)
124 BN_clear_free(r->priv_key);
125 122
126 EC_EX_DATA_free_all_data(&r->method_data); 123 EC_EX_DATA_free_all_data(&r->method_data);
127 124
@@ -143,8 +140,7 @@ EC_KEY_copy(EC_KEY * dest, const EC_KEY * src)
143 if (src->group) { 140 if (src->group) {
144 const EC_METHOD *meth = EC_GROUP_method_of(src->group); 141 const EC_METHOD *meth = EC_GROUP_method_of(src->group);
145 /* clear the old group */ 142 /* clear the old group */
146 if (dest->group) 143 EC_GROUP_free(dest->group);
147 EC_GROUP_free(dest->group);
148 dest->group = EC_GROUP_new(meth); 144 dest->group = EC_GROUP_new(meth);
149 if (dest->group == NULL) 145 if (dest->group == NULL)
150 return NULL; 146 return NULL;
@@ -153,8 +149,7 @@ EC_KEY_copy(EC_KEY * dest, const EC_KEY * src)
153 } 149 }
154 /* copy the public key */ 150 /* copy the public key */
155 if (src->pub_key && src->group) { 151 if (src->pub_key && src->group) {
156 if (dest->pub_key) 152 EC_POINT_free(dest->pub_key);
157 EC_POINT_free(dest->pub_key);
158 dest->pub_key = EC_POINT_new(src->group); 153 dest->pub_key = EC_POINT_new(src->group);
159 if (dest->pub_key == NULL) 154 if (dest->pub_key == NULL)
160 return NULL; 155 return NULL;
@@ -261,14 +256,12 @@ EC_KEY_generate_key(EC_KEY * eckey)
261 ok = 1; 256 ok = 1;
262 257
263err: 258err:
264 if (order) 259 BN_free(order);
265 BN_free(order);
266 if (pub_key != NULL && eckey->pub_key == NULL) 260 if (pub_key != NULL && eckey->pub_key == NULL)
267 EC_POINT_free(pub_key); 261 EC_POINT_free(pub_key);
268 if (priv_key != NULL && eckey->priv_key == NULL) 262 if (priv_key != NULL && eckey->priv_key == NULL)
269 BN_free(priv_key); 263 BN_free(priv_key);
270 if (ctx != NULL) 264 BN_CTX_free(ctx);
271 BN_CTX_free(ctx);
272 return (ok); 265 return (ok);
273} 266}
274 267
@@ -334,10 +327,8 @@ EC_KEY_check_key(const EC_KEY * eckey)
334 } 327 }
335 ok = 1; 328 ok = 1;
336err: 329err:
337 if (ctx != NULL) 330 BN_CTX_free(ctx);
338 BN_CTX_free(ctx); 331 EC_POINT_free(point);
339 if (point != NULL)
340 EC_POINT_free(point);
341 return (ok); 332 return (ok);
342} 333}
343 334
@@ -406,10 +397,8 @@ EC_KEY_set_public_key_affine_coordinates(EC_KEY * key, BIGNUM * x, BIGNUM * y)
406 ok = 1; 397 ok = 1;
407 398
408err: 399err:
409 if (ctx) 400 BN_CTX_free(ctx);
410 BN_CTX_free(ctx); 401 EC_POINT_free(point);
411 if (point)
412 EC_POINT_free(point);
413 return ok; 402 return ok;
414 403
415} 404}
@@ -423,8 +412,7 @@ EC_KEY_get0_group(const EC_KEY * key)
423int 412int
424EC_KEY_set_group(EC_KEY * key, const EC_GROUP * group) 413EC_KEY_set_group(EC_KEY * key, const EC_GROUP * group)
425{ 414{
426 if (key->group != NULL) 415 EC_GROUP_free(key->group);
427 EC_GROUP_free(key->group);
428 key->group = EC_GROUP_dup(group); 416 key->group = EC_GROUP_dup(group);
429 return (key->group == NULL) ? 0 : 1; 417 return (key->group == NULL) ? 0 : 1;
430} 418}
@@ -438,8 +426,7 @@ EC_KEY_get0_private_key(const EC_KEY * key)
438int 426int
439EC_KEY_set_private_key(EC_KEY * key, const BIGNUM * priv_key) 427EC_KEY_set_private_key(EC_KEY * key, const BIGNUM * priv_key)
440{ 428{
441 if (key->priv_key) 429 BN_clear_free(key->priv_key);
442 BN_clear_free(key->priv_key);
443 key->priv_key = BN_dup(priv_key); 430 key->priv_key = BN_dup(priv_key);
444 return (key->priv_key == NULL) ? 0 : 1; 431 return (key->priv_key == NULL) ? 0 : 1;
445} 432}
@@ -453,8 +440,7 @@ EC_KEY_get0_public_key(const EC_KEY * key)
453int 440int
454EC_KEY_set_public_key(EC_KEY * key, const EC_POINT * pub_key) 441EC_KEY_set_public_key(EC_KEY * key, const EC_POINT * pub_key)
455{ 442{
456 if (key->pub_key != NULL) 443 EC_POINT_free(key->pub_key);
457 EC_POINT_free(key->pub_key);
458 key->pub_key = EC_POINT_dup(pub_key, key->group); 444 key->pub_key = EC_POINT_dup(pub_key, key->group);
459 return (key->pub_key == NULL) ? 0 : 1; 445 return (key->pub_key == NULL) ? 0 : 1;
460} 446}
diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index 3d8b96eb1f..47ccc614d1 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_lib.c,v 1.14 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ec_lib.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller for the OpenSSL project. 3 * Originally written by Bodo Moeller for the OpenSSL project.
4 */ 4 */
@@ -124,8 +124,7 @@ EC_GROUP_free(EC_GROUP * group)
124 124
125 EC_EX_DATA_free_all_data(&group->extra_data); 125 EC_EX_DATA_free_all_data(&group->extra_data);
126 126
127 if (group->generator != NULL) 127 EC_POINT_free(group->generator);
128 EC_POINT_free(group->generator);
129 BN_free(&group->order); 128 BN_free(&group->order);
130 BN_free(&group->cofactor); 129 BN_free(&group->cofactor);
131 130
@@ -148,8 +147,7 @@ EC_GROUP_clear_free(EC_GROUP * group)
148 147
149 EC_EX_DATA_clear_free_all_data(&group->extra_data); 148 EC_EX_DATA_clear_free_all_data(&group->extra_data);
150 149
151 if (group->generator != NULL) 150 EC_POINT_clear_free(group->generator);
152 EC_POINT_clear_free(group->generator);
153 BN_clear_free(&group->order); 151 BN_clear_free(&group->order);
154 BN_clear_free(&group->cofactor); 152 BN_clear_free(&group->cofactor);
155 153
@@ -200,10 +198,8 @@ EC_GROUP_copy(EC_GROUP * dest, const EC_GROUP * src)
200 return 0; 198 return 0;
201 } else { 199 } else {
202 /* src->generator == NULL */ 200 /* src->generator == NULL */
203 if (dest->generator != NULL) { 201 EC_POINT_clear_free(dest->generator);
204 EC_POINT_clear_free(dest->generator); 202 dest->generator = NULL;
205 dest->generator = NULL;
206 }
207 } 203 }
208 204
209 if (!BN_copy(&dest->order, &src->order)) 205 if (!BN_copy(&dest->order, &src->order))
@@ -252,8 +248,7 @@ EC_GROUP_dup(const EC_GROUP * a)
252 248
253err: 249err:
254 if (!ok) { 250 if (!ok) {
255 if (t) 251 EC_GROUP_free(t);
256 EC_GROUP_free(t);
257 return NULL; 252 return NULL;
258 } else 253 } else
259 return t; 254 return t;
diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c
index b6f74a1b09..4e49ce4f7b 100644
--- a/src/lib/libcrypto/ec/ec_mult.c
+++ b/src/lib/libcrypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_mult.c,v 1.13 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ec_mult.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. 3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -679,10 +679,8 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
679 ret = 1; 679 ret = 1;
680 680
681err: 681err:
682 if (new_ctx != NULL) 682 BN_CTX_free(new_ctx);
683 BN_CTX_free(new_ctx); 683 EC_POINT_free(tmp);
684 if (tmp != NULL)
685 EC_POINT_free(tmp);
686 free(wsize); 684 free(wsize);
687 free(wNAF_len); 685 free(wNAF_len);
688 if (wNAF != NULL) { 686 if (wNAF != NULL) {
@@ -862,10 +860,8 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
862err: 860err:
863 if (ctx != NULL) 861 if (ctx != NULL)
864 BN_CTX_end(ctx); 862 BN_CTX_end(ctx);
865 if (new_ctx != NULL) 863 BN_CTX_free(new_ctx);
866 BN_CTX_free(new_ctx); 864 ec_pre_comp_free(pre_comp);
867 if (pre_comp)
868 ec_pre_comp_free(pre_comp);
869 if (points) { 865 if (points) {
870 EC_POINT **p; 866 EC_POINT **p;
871 867
@@ -873,10 +869,8 @@ err:
873 EC_POINT_free(*p); 869 EC_POINT_free(*p);
874 free(points); 870 free(points);
875 } 871 }
876 if (tmp_point) 872 EC_POINT_free(tmp_point);
877 EC_POINT_free(tmp_point); 873 EC_POINT_free(base);
878 if (base)
879 EC_POINT_free(base);
880 return ret; 874 return ret;
881} 875}
882 876
diff --git a/src/lib/libcrypto/ec/ec_pmeth.c b/src/lib/libcrypto/ec/ec_pmeth.c
index 7ba1d50d7f..07933dc5fd 100644
--- a/src/lib/libcrypto/ec/ec_pmeth.c
+++ b/src/lib/libcrypto/ec/ec_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_pmeth.c,v 1.7 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: ec_pmeth.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -114,8 +114,7 @@ pkey_ec_cleanup(EVP_PKEY_CTX * ctx)
114{ 114{
115 EC_PKEY_CTX *dctx = ctx->data; 115 EC_PKEY_CTX *dctx = ctx->data;
116 if (dctx) { 116 if (dctx) {
117 if (dctx->gen_group) 117 EC_GROUP_free(dctx->gen_group);
118 EC_GROUP_free(dctx->gen_group);
119 free(dctx); 118 free(dctx);
120 } 119 }
121} 120}
@@ -213,8 +212,7 @@ pkey_ec_ctrl(EVP_PKEY_CTX * ctx, int type, int p1, void *p2)
213 ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_CURVE); 212 ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_CURVE);
214 return 0; 213 return 0;
215 } 214 }
216 if (dctx->gen_group) 215 EC_GROUP_free(dctx->gen_group);
217 EC_GROUP_free(dctx->gen_group);
218 dctx->gen_group = group; 216 dctx->gen_group = group;
219 return 1; 217 return 1;
220 218
diff --git a/src/lib/libcrypto/ec/eck_prn.c b/src/lib/libcrypto/ec/eck_prn.c
index b0c8bcd22a..aa13d8b08c 100644
--- a/src/lib/libcrypto/ec/eck_prn.c
+++ b/src/lib/libcrypto/ec/eck_prn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eck_prn.c,v 1.9 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: eck_prn.c,v 1.10 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -315,20 +315,13 @@ ECPKParameters_print(BIO * bp, const EC_GROUP * x, int off)
315err: 315err:
316 if (!ret) 316 if (!ret)
317 ECerr(EC_F_ECPKPARAMETERS_PRINT, reason); 317 ECerr(EC_F_ECPKPARAMETERS_PRINT, reason);
318 if (p) 318 BN_free(p);
319 BN_free(p); 319 BN_free(a);
320 if (a) 320 BN_free(b);
321 BN_free(a); 321 BN_free(gen);
322 if (b) 322 BN_free(order);
323 BN_free(b); 323 BN_free(cofactor);
324 if (gen) 324 BN_CTX_free(ctx);
325 BN_free(gen);
326 if (order)
327 BN_free(order);
328 if (cofactor)
329 BN_free(cofactor);
330 if (ctx)
331 BN_CTX_free(ctx);
332 free(buffer); 325 free(buffer);
333 return (ret); 326 return (ret);
334} 327}
diff --git a/src/lib/libcrypto/ec/ecp_mont.c b/src/lib/libcrypto/ec/ecp_mont.c
index ffbce81d4c..af8014ed38 100644
--- a/src/lib/libcrypto/ec/ecp_mont.c
+++ b/src/lib/libcrypto/ec/ecp_mont.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_mont.c,v 1.8 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ecp_mont.c,v 1.9 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller for the OpenSSL project. 3 * Originally written by Bodo Moeller for the OpenSSL project.
4 */ 4 */
@@ -128,14 +128,10 @@ ec_GFp_mont_group_init(EC_GROUP * group)
128void 128void
129ec_GFp_mont_group_finish(EC_GROUP * group) 129ec_GFp_mont_group_finish(EC_GROUP * group)
130{ 130{
131 if (group->field_data1 != NULL) { 131 BN_MONT_CTX_free(group->field_data1);
132 BN_MONT_CTX_free(group->field_data1); 132 group->field_data1 = NULL;
133 group->field_data1 = NULL; 133 BN_free(group->field_data2);
134 } 134 group->field_data2 = NULL;
135 if (group->field_data2 != NULL) {
136 BN_free(group->field_data2);
137 group->field_data2 = NULL;
138 }
139 ec_GFp_simple_group_finish(group); 135 ec_GFp_simple_group_finish(group);
140} 136}
141 137
@@ -143,14 +139,10 @@ ec_GFp_mont_group_finish(EC_GROUP * group)
143void 139void
144ec_GFp_mont_group_clear_finish(EC_GROUP * group) 140ec_GFp_mont_group_clear_finish(EC_GROUP * group)
145{ 141{
146 if (group->field_data1 != NULL) { 142 BN_MONT_CTX_free(group->field_data1);
147 BN_MONT_CTX_free(group->field_data1); 143 group->field_data1 = NULL;
148 group->field_data1 = NULL; 144 BN_clear_free(group->field_data2);
149 } 145 group->field_data2 = NULL;
150 if (group->field_data2 != NULL) {
151 BN_clear_free(group->field_data2);
152 group->field_data2 = NULL;
153 }
154 ec_GFp_simple_group_clear_finish(group); 146 ec_GFp_simple_group_clear_finish(group);
155} 147}
156 148
@@ -158,14 +150,11 @@ ec_GFp_mont_group_clear_finish(EC_GROUP * group)
158int 150int
159ec_GFp_mont_group_copy(EC_GROUP * dest, const EC_GROUP * src) 151ec_GFp_mont_group_copy(EC_GROUP * dest, const EC_GROUP * src)
160{ 152{
161 if (dest->field_data1 != NULL) { 153 BN_MONT_CTX_free(dest->field_data1);
162 BN_MONT_CTX_free(dest->field_data1); 154 dest->field_data1 = NULL;
163 dest->field_data1 = NULL; 155 BN_clear_free(dest->field_data2);
164 } 156 dest->field_data2 = NULL;
165 if (dest->field_data2 != NULL) { 157
166 BN_clear_free(dest->field_data2);
167 dest->field_data2 = NULL;
168 }
169 if (!ec_GFp_simple_group_copy(dest, src)) 158 if (!ec_GFp_simple_group_copy(dest, src))
170 return 0; 159 return 0;
171 160
@@ -201,14 +190,10 @@ ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
201 BIGNUM *one = NULL; 190 BIGNUM *one = NULL;
202 int ret = 0; 191 int ret = 0;
203 192
204 if (group->field_data1 != NULL) { 193 BN_MONT_CTX_free(group->field_data1);
205 BN_MONT_CTX_free(group->field_data1); 194 group->field_data1 = NULL;
206 group->field_data1 = NULL; 195 BN_free(group->field_data2);
207 } 196 group->field_data2 = NULL;
208 if (group->field_data2 != NULL) {
209 BN_free(group->field_data2);
210 group->field_data2 = NULL;
211 }
212 if (ctx == NULL) { 197 if (ctx == NULL) {
213 ctx = new_ctx = BN_CTX_new(); 198 ctx = new_ctx = BN_CTX_new();
214 if (ctx == NULL) 199 if (ctx == NULL)
@@ -241,10 +226,8 @@ ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
241 group->field_data2 = NULL; 226 group->field_data2 = NULL;
242 } 227 }
243err: 228err:
244 if (new_ctx != NULL) 229 BN_CTX_free(new_ctx);
245 BN_CTX_free(new_ctx); 230 BN_MONT_CTX_free(mont);
246 if (mont != NULL)
247 BN_MONT_CTX_free(mont);
248 return ret; 231 return ret;
249} 232}
250 233
diff --git a/src/lib/libcrypto/ec/ecp_nist.c b/src/lib/libcrypto/ec/ecp_nist.c
index d49d1735f3..a33f9d9e39 100644
--- a/src/lib/libcrypto/ec/ecp_nist.c
+++ b/src/lib/libcrypto/ec/ecp_nist.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_nist.c,v 1.8 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ecp_nist.c,v 1.9 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -153,8 +153,7 @@ ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p,
153 153
154err: 154err:
155 BN_CTX_end(ctx); 155 BN_CTX_end(ctx);
156 if (new_ctx != NULL) 156 BN_CTX_free(new_ctx);
157 BN_CTX_free(new_ctx);
158 return ret; 157 return ret;
159} 158}
160 159
@@ -181,8 +180,7 @@ ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
181 180
182 ret = 1; 181 ret = 1;
183err: 182err:
184 if (ctx_new) 183 BN_CTX_free(ctx_new);
185 BN_CTX_free(ctx_new);
186 return ret; 184 return ret;
187} 185}
188 186
@@ -209,7 +207,6 @@ ec_GFp_nist_field_sqr(const EC_GROUP * group, BIGNUM * r, const BIGNUM * a,
209 207
210 ret = 1; 208 ret = 1;
211err: 209err:
212 if (ctx_new) 210 BN_CTX_free(ctx_new);
213 BN_CTX_free(ctx_new);
214 return ret; 211 return ret;
215} 212}
diff --git a/src/lib/libcrypto/ec/ecp_nistp224.c b/src/lib/libcrypto/ec/ecp_nistp224.c
index c466d2db83..ed0bad2a72 100644
--- a/src/lib/libcrypto/ec/ecp_nistp224.c
+++ b/src/lib/libcrypto/ec/ecp_nistp224.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_nistp224.c,v 1.14 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ecp_nistp224.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Emilia Kasper (Google) for the OpenSSL project. 3 * Written by Emilia Kasper (Google) for the OpenSSL project.
4 */ 4 */
@@ -1285,8 +1285,7 @@ ec_GFp_nistp224_group_set_curve(EC_GROUP * group, const BIGNUM * p,
1285 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); 1285 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
1286err: 1286err:
1287 BN_CTX_end(ctx); 1287 BN_CTX_end(ctx);
1288 if (new_ctx != NULL) 1288 BN_CTX_free(new_ctx);
1289 BN_CTX_free(new_ctx);
1290 return ret; 1289 return ret;
1291} 1290}
1292 1291
@@ -1545,10 +1544,8 @@ ec_GFp_nistp224_points_mul(const EC_GROUP * group, EC_POINT * r,
1545 1544
1546err: 1545err:
1547 BN_CTX_end(ctx); 1546 BN_CTX_end(ctx);
1548 if (generator != NULL) 1547 EC_POINT_free(generator);
1549 EC_POINT_free(generator); 1548 BN_CTX_free(new_ctx);
1550 if (new_ctx != NULL)
1551 BN_CTX_free(new_ctx);
1552 free(secrets); 1549 free(secrets);
1553 free(pre_comp); 1550 free(pre_comp);
1554 free(tmp_felems); 1551 free(tmp_felems);
@@ -1676,12 +1673,9 @@ ec_GFp_nistp224_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
1676 pre = NULL; 1673 pre = NULL;
1677err: 1674err:
1678 BN_CTX_end(ctx); 1675 BN_CTX_end(ctx);
1679 if (generator != NULL) 1676 EC_POINT_free(generator);
1680 EC_POINT_free(generator); 1677 BN_CTX_free(new_ctx);
1681 if (new_ctx != NULL) 1678 nistp224_pre_comp_free(pre);
1682 BN_CTX_free(new_ctx);
1683 if (pre)
1684 nistp224_pre_comp_free(pre);
1685 return ret; 1679 return ret;
1686} 1680}
1687 1681
diff --git a/src/lib/libcrypto/ec/ecp_nistp256.c b/src/lib/libcrypto/ec/ecp_nistp256.c
index 7b122e6307..6905b614bc 100644
--- a/src/lib/libcrypto/ec/ecp_nistp256.c
+++ b/src/lib/libcrypto/ec/ecp_nistp256.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_nistp256.c,v 1.13 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ecp_nistp256.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Adam Langley (Google) for the OpenSSL project 3 * Written by Adam Langley (Google) for the OpenSSL project
4 */ 4 */
@@ -1834,8 +1834,7 @@ ec_GFp_nistp256_group_set_curve(EC_GROUP * group, const BIGNUM * p,
1834 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); 1834 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
1835err: 1835err:
1836 BN_CTX_end(ctx); 1836 BN_CTX_end(ctx);
1837 if (new_ctx != NULL) 1837 BN_CTX_free(new_ctx);
1838 BN_CTX_free(new_ctx);
1839 return ret; 1838 return ret;
1840} 1839}
1841 1840
@@ -2098,10 +2097,8 @@ ec_GFp_nistp256_points_mul(const EC_GROUP * group, EC_POINT * r,
2098 2097
2099err: 2098err:
2100 BN_CTX_end(ctx); 2099 BN_CTX_end(ctx);
2101 if (generator != NULL) 2100 EC_POINT_free(generator);
2102 EC_POINT_free(generator); 2101 BN_CTX_free(new_ctx);
2103 if (new_ctx != NULL)
2104 BN_CTX_free(new_ctx);
2105 free(secrets); 2102 free(secrets);
2106 free(pre_comp); 2103 free(pre_comp);
2107 free(tmp_smallfelems); 2104 free(tmp_smallfelems);
@@ -2223,12 +2220,9 @@ ec_GFp_nistp256_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
2223 pre = NULL; 2220 pre = NULL;
2224err: 2221err:
2225 BN_CTX_end(ctx); 2222 BN_CTX_end(ctx);
2226 if (generator != NULL) 2223 EC_POINT_free(generator);
2227 EC_POINT_free(generator); 2224 BN_CTX_free(new_ctx);
2228 if (new_ctx != NULL) 2225 nistp256_pre_comp_free(pre);
2229 BN_CTX_free(new_ctx);
2230 if (pre)
2231 nistp256_pre_comp_free(pre);
2232 return ret; 2226 return ret;
2233} 2227}
2234 2228
diff --git a/src/lib/libcrypto/ec/ecp_nistp521.c b/src/lib/libcrypto/ec/ecp_nistp521.c
index cec0a3b470..c9313ada8e 100644
--- a/src/lib/libcrypto/ec/ecp_nistp521.c
+++ b/src/lib/libcrypto/ec/ecp_nistp521.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_nistp521.c,v 1.14 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ecp_nistp521.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Adam Langley (Google) for the OpenSSL project 3 * Written by Adam Langley (Google) for the OpenSSL project
4 */ 4 */
@@ -1725,8 +1725,7 @@ ec_GFp_nistp521_group_set_curve(EC_GROUP * group, const BIGNUM * p,
1725 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); 1725 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
1726err: 1726err:
1727 BN_CTX_end(ctx); 1727 BN_CTX_end(ctx);
1728 if (new_ctx != NULL) 1728 BN_CTX_free(new_ctx);
1729 BN_CTX_free(new_ctx);
1730 return ret; 1729 return ret;
1731} 1730}
1732 1731
@@ -1985,10 +1984,8 @@ ec_GFp_nistp521_points_mul(const EC_GROUP * group, EC_POINT * r,
1985 1984
1986err: 1985err:
1987 BN_CTX_end(ctx); 1986 BN_CTX_end(ctx);
1988 if (generator != NULL) 1987 EC_POINT_free(generator);
1989 EC_POINT_free(generator); 1988 BN_CTX_free(new_ctx);
1990 if (new_ctx != NULL)
1991 BN_CTX_free(new_ctx);
1992 free(secrets); 1989 free(secrets);
1993 free(pre_comp); 1990 free(pre_comp);
1994 free(tmp_felems); 1991 free(tmp_felems);
@@ -2096,12 +2093,9 @@ ec_GFp_nistp521_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
2096 pre = NULL; 2093 pre = NULL;
2097err: 2094err:
2098 BN_CTX_end(ctx); 2095 BN_CTX_end(ctx);
2099 if (generator != NULL) 2096 EC_POINT_free(generator);
2100 EC_POINT_free(generator); 2097 BN_CTX_free(new_ctx);
2101 if (new_ctx != NULL) 2098 nistp521_pre_comp_free(pre);
2102 BN_CTX_free(new_ctx);
2103 if (pre)
2104 nistp521_pre_comp_free(pre);
2105 return ret; 2099 return ret;
2106} 2100}
2107 2101
diff --git a/src/lib/libcrypto/ec/ecp_oct.c b/src/lib/libcrypto/ec/ecp_oct.c
index 2f2920d70d..d2402ee0d8 100644
--- a/src/lib/libcrypto/ec/ecp_oct.c
+++ b/src/lib/libcrypto/ec/ecp_oct.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_oct.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ecp_oct.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * for the OpenSSL project. 3 * for the OpenSSL project.
4 * Includes code written by Bodo Moeller for the OpenSSL project. 4 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -190,8 +190,7 @@ ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * poin
190 190
191err: 191err:
192 BN_CTX_end(ctx); 192 BN_CTX_end(ctx);
193 if (new_ctx != NULL) 193 BN_CTX_free(new_ctx);
194 BN_CTX_free(new_ctx);
195 return ret; 194 return ret;
196} 195}
197 196
@@ -290,15 +289,13 @@ ec_GFp_simple_point2oct(const EC_GROUP * group, const EC_POINT * point, point_co
290 } 289 }
291 if (used_ctx) 290 if (used_ctx)
292 BN_CTX_end(ctx); 291 BN_CTX_end(ctx);
293 if (new_ctx != NULL) 292 BN_CTX_free(new_ctx);
294 BN_CTX_free(new_ctx);
295 return ret; 293 return ret;
296 294
297err: 295err:
298 if (used_ctx) 296 if (used_ctx)
299 BN_CTX_end(ctx); 297 BN_CTX_end(ctx);
300 if (new_ctx != NULL) 298 BN_CTX_free(new_ctx);
301 BN_CTX_free(new_ctx);
302 return 0; 299 return 0;
303} 300}
304 301
@@ -391,7 +388,6 @@ ec_GFp_simple_oct2point(const EC_GROUP * group, EC_POINT * point,
391 388
392err: 389err:
393 BN_CTX_end(ctx); 390 BN_CTX_end(ctx);
394 if (new_ctx != NULL) 391 BN_CTX_free(new_ctx);
395 BN_CTX_free(new_ctx);
396 return ret; 392 return ret;
397} 393}
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c
index 5ba9a925d6..dabc5af899 100644
--- a/src/lib/libcrypto/ec/ecp_smpl.c
+++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_smpl.c,v 1.12 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ecp_smpl.c,v 1.13 2014/07/12 16:03:37 miod Exp $ */
2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * for the OpenSSL project. 3 * for the OpenSSL project.
4 * Includes code written by Bodo Moeller for the OpenSSL project. 4 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -222,8 +222,7 @@ ec_GFp_simple_group_set_curve(EC_GROUP * group,
222 222
223err: 223err:
224 BN_CTX_end(ctx); 224 BN_CTX_end(ctx);
225 if (new_ctx != NULL) 225 BN_CTX_free(new_ctx);
226 BN_CTX_free(new_ctx);
227 return ret; 226 return ret;
228} 227}
229 228
@@ -267,8 +266,7 @@ ec_GFp_simple_group_get_curve(const EC_GROUP * group, BIGNUM * p, BIGNUM * a, BI
267 ret = 1; 266 ret = 1;
268 267
269err: 268err:
270 if (new_ctx) 269 BN_CTX_free(new_ctx);
271 BN_CTX_free(new_ctx);
272 return ret; 270 return ret;
273} 271}
274 272
@@ -348,8 +346,7 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx)
348err: 346err:
349 if (ctx != NULL) 347 if (ctx != NULL)
350 BN_CTX_end(ctx); 348 BN_CTX_end(ctx);
351 if (new_ctx != NULL) 349 BN_CTX_free(new_ctx);
352 BN_CTX_free(new_ctx);
353 return ret; 350 return ret;
354} 351}
355 352
@@ -457,8 +454,7 @@ ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP * group, EC_POINT *
457 ret = 1; 454 ret = 1;
458 455
459err: 456err:
460 if (new_ctx != NULL) 457 BN_CTX_free(new_ctx);
461 BN_CTX_free(new_ctx);
462 return ret; 458 return ret;
463} 459}
464 460
@@ -506,8 +502,7 @@ ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP * group, const EC_P
506 ret = 1; 502 ret = 1;
507 503
508err: 504err:
509 if (new_ctx != NULL) 505 BN_CTX_free(new_ctx);
510 BN_CTX_free(new_ctx);
511 return ret; 506 return ret;
512} 507}
513 508
@@ -626,8 +621,7 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP * group, const EC_POIN
626 621
627err: 622err:
628 BN_CTX_end(ctx); 623 BN_CTX_end(ctx);
629 if (new_ctx != NULL) 624 BN_CTX_free(new_ctx);
630 BN_CTX_free(new_ctx);
631 return ret; 625 return ret;
632} 626}
633 627
@@ -810,8 +804,7 @@ ec_GFp_simple_add(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, cons
810end: 804end:
811 if (ctx) /* otherwise we already called BN_CTX_end */ 805 if (ctx) /* otherwise we already called BN_CTX_end */
812 BN_CTX_end(ctx); 806 BN_CTX_end(ctx);
813 if (new_ctx != NULL) 807 BN_CTX_free(new_ctx);
814 BN_CTX_free(new_ctx);
815 return ret; 808 return ret;
816} 809}
817 810
@@ -951,8 +944,7 @@ ec_GFp_simple_dbl(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, BN_C
951 944
952err: 945err:
953 BN_CTX_end(ctx); 946 BN_CTX_end(ctx);
954 if (new_ctx != NULL) 947 BN_CTX_free(new_ctx);
955 BN_CTX_free(new_ctx);
956 return ret; 948 return ret;
957} 949}
958 950
@@ -1071,8 +1063,7 @@ ec_GFp_simple_is_on_curve(const EC_GROUP * group, const EC_POINT * point, BN_CTX
1071 1063
1072err: 1064err:
1073 BN_CTX_end(ctx); 1065 BN_CTX_end(ctx);
1074 if (new_ctx != NULL) 1066 BN_CTX_free(new_ctx);
1075 BN_CTX_free(new_ctx);
1076 return ret; 1067 return ret;
1077} 1068}
1078 1069
@@ -1172,8 +1163,7 @@ ec_GFp_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b
1172 1163
1173end: 1164end:
1174 BN_CTX_end(ctx); 1165 BN_CTX_end(ctx);
1175 if (new_ctx != NULL) 1166 BN_CTX_free(new_ctx);
1176 BN_CTX_free(new_ctx);
1177 return ret; 1167 return ret;
1178} 1168}
1179 1169
@@ -1211,8 +1201,7 @@ ec_GFp_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ctx
1211 1201
1212err: 1202err:
1213 BN_CTX_end(ctx); 1203 BN_CTX_end(ctx);
1214 if (new_ctx != NULL) 1204 BN_CTX_free(new_ctx);
1215 BN_CTX_free(new_ctx);
1216 return ret; 1205 return ret;
1217} 1206}
1218 1207
@@ -1377,16 +1366,14 @@ ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT *
1377 1366
1378err: 1367err:
1379 BN_CTX_end(ctx); 1368 BN_CTX_end(ctx);
1380 if (new_ctx != NULL) 1369 BN_CTX_free(new_ctx);
1381 BN_CTX_free(new_ctx);
1382 if (heap != NULL) { 1370 if (heap != NULL) {
1383 /* 1371 /*
1384 * heap[pow2/2] .. heap[pow2-1] have not been allocated 1372 * heap[pow2/2] .. heap[pow2-1] have not been allocated
1385 * locally! 1373 * locally!
1386 */ 1374 */
1387 for (i = pow2 / 2 - 1; i > 0; i--) { 1375 for (i = pow2 / 2 - 1; i > 0; i--) {
1388 if (heap[i] != NULL) 1376 BN_clear_free(heap[i]);
1389 BN_clear_free(heap[i]);
1390 } 1377 }
1391 free(heap); 1378 free(heap);
1392 } 1379 }
diff --git a/src/lib/libcrypto/ecdh/ech_ossl.c b/src/lib/libcrypto/ecdh/ech_ossl.c
index d82ace3670..ee130edeee 100644
--- a/src/lib/libcrypto/ecdh/ech_ossl.c
+++ b/src/lib/libcrypto/ecdh/ech_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_ossl.c,v 1.7 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: ech_ossl.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -201,9 +201,10 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
201 } 201 }
202 202
203err: 203err:
204 if (tmp) EC_POINT_free(tmp); 204 EC_POINT_free(tmp);
205 if (ctx) BN_CTX_end(ctx); 205 if (ctx)
206 if (ctx) BN_CTX_free(ctx); 206 BN_CTX_end(ctx);
207 BN_CTX_free(ctx);
207 free(buf); 208 free(buf);
208 return(ret); 209 return(ret);
209 } 210 }
diff --git a/src/lib/libcrypto/ecdsa/ecs_ossl.c b/src/lib/libcrypto/ecdsa/ecs_ossl.c
index e2c4b1d6d1..0dde5386ff 100644
--- a/src/lib/libcrypto/ecdsa/ecs_ossl.c
+++ b/src/lib/libcrypto/ecdsa/ecs_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecs_ossl.c,v 1.4 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ecs_ossl.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project 3 * Written by Nils Larsch for the OpenSSL project
4 */ 4 */
@@ -189,28 +189,22 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
189 goto err; 189 goto err;
190 } 190 }
191 /* clear old values if necessary */ 191 /* clear old values if necessary */
192 if (*rp != NULL) 192 BN_clear_free(*rp);
193 BN_clear_free(*rp); 193 BN_clear_free(*kinvp);
194 if (*kinvp != NULL)
195 BN_clear_free(*kinvp);
196 /* save the pre-computed values */ 194 /* save the pre-computed values */
197 *rp = r; 195 *rp = r;
198 *kinvp = k; 196 *kinvp = k;
199 ret = 1; 197 ret = 1;
200err: 198err:
201 if (!ret) 199 if (!ret) {
202 { 200 BN_clear_free(k);
203 if (k != NULL) BN_clear_free(k); 201 BN_clear_free(r);
204 if (r != NULL) BN_clear_free(r);
205 } 202 }
206 if (ctx_in == NULL) 203 if (ctx_in == NULL)
207 BN_CTX_free(ctx); 204 BN_CTX_free(ctx);
208 if (order != NULL) 205 BN_free(order);
209 BN_free(order); 206 EC_POINT_free(tmp_point);
210 if (tmp_point != NULL) 207 BN_clear_free(X);
211 EC_POINT_free(tmp_point);
212 if (X)
213 BN_clear_free(X);
214 return(ret); 208 return(ret);
215} 209}
216 210
@@ -333,16 +327,11 @@ err:
333 ECDSA_SIG_free(ret); 327 ECDSA_SIG_free(ret);
334 ret = NULL; 328 ret = NULL;
335 } 329 }
336 if (ctx) 330 BN_CTX_free(ctx);
337 BN_CTX_free(ctx); 331 BN_clear_free(m);
338 if (m) 332 BN_clear_free(tmp);
339 BN_clear_free(m); 333 BN_free(order);
340 if (tmp) 334 BN_clear_free(kinv);
341 BN_clear_free(tmp);
342 if (order)
343 BN_free(order);
344 if (kinv)
345 BN_clear_free(kinv);
346 return ret; 335 return ret;
347} 336}
348 337
@@ -473,7 +462,6 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
473err: 462err:
474 BN_CTX_end(ctx); 463 BN_CTX_end(ctx);
475 BN_CTX_free(ctx); 464 BN_CTX_free(ctx);
476 if (point) 465 EC_POINT_free(point);
477 EC_POINT_free(point);
478 return ret; 466 return ret;
479} 467}
diff --git a/src/lib/libcrypto/engine/eng_rsax.c b/src/lib/libcrypto/engine/eng_rsax.c
index daeb7e6ebb..358dac2088 100644
--- a/src/lib/libcrypto/engine/eng_rsax.c
+++ b/src/lib/libcrypto/engine/eng_rsax.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_rsax.c,v 1.9 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: eng_rsax.c,v 1.10 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (c) 2010-2010 Intel Corp. 2/* Copyright (c) 2010-2010 Intel Corp.
3 * Author: Vinodh.Gopal@intel.com 3 * Author: Vinodh.Gopal@intel.com
4 * Jim Guilford 4 * Jim Guilford
@@ -307,12 +307,9 @@ e_rsax_rsa_finish(RSA *rsa)
307 free(hptr); 307 free(hptr);
308 RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL); 308 RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL);
309 } 309 }
310 if (rsa->_method_mod_n) 310 BN_MONT_CTX_free(rsa->_method_mod_n);
311 BN_MONT_CTX_free(rsa->_method_mod_n); 311 BN_MONT_CTX_free(rsa->_method_mod_p);
312 if (rsa->_method_mod_p) 312 BN_MONT_CTX_free(rsa->_method_mod_q);
313 BN_MONT_CTX_free(rsa->_method_mod_p);
314 if (rsa->_method_mod_q)
315 BN_MONT_CTX_free(rsa->_method_mod_q);
316 return 1; 313 return 1;
317} 314}
318 315
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index 9a4b1a6293..d582d7954e 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: digest.c,v 1.21 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: digest.c,v 1.22 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -358,8 +358,7 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
358 OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size); 358 OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
359 free(ctx->md_data); 359 free(ctx->md_data);
360 } 360 }
361 if (ctx->pctx) 361 EVP_PKEY_CTX_free(ctx->pctx);
362 EVP_PKEY_CTX_free(ctx->pctx);
363#ifndef OPENSSL_NO_ENGINE 362#ifndef OPENSSL_NO_ENGINE
364 if (ctx->engine) 363 if (ctx->engine)
365 /* The EVP_MD we used belongs to an ENGINE, release the 364 /* The EVP_MD we used belongs to an ENGINE, release the
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
index cf7a39be7b..38a324558f 100644
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_pkey.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: evp_pkey.c,v 1.17 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -104,7 +104,7 @@ EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
104 return pkey; 104 return pkey;
105 105
106error: 106error:
107 EVP_PKEY_free (pkey); 107 EVP_PKEY_free(pkey);
108 return NULL; 108 return NULL;
109} 109}
110 110
diff --git a/src/lib/libcrypto/evp/pmeth_fn.c b/src/lib/libcrypto/evp/pmeth_fn.c
index c4a53b0d5f..4cf18a0be1 100644
--- a/src/lib/libcrypto/evp/pmeth_fn.c
+++ b/src/lib/libcrypto/evp/pmeth_fn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pmeth_fn.c,v 1.4 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: pmeth_fn.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -331,8 +331,7 @@ EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
331 return -1; 331 return -1;
332 } 332 }
333 333
334 if (ctx->peerkey) 334 EVP_PKEY_free(ctx->peerkey);
335 EVP_PKEY_free(ctx->peerkey);
336 ctx->peerkey = peer; 335 ctx->peerkey = peer;
337 336
338 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer); 337 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
diff --git a/src/lib/libcrypto/evp/pmeth_gn.c b/src/lib/libcrypto/evp/pmeth_gn.c
index 9eb10d4874..29f533625a 100644
--- a/src/lib/libcrypto/evp/pmeth_gn.c
+++ b/src/lib/libcrypto/evp/pmeth_gn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pmeth_gn.c,v 1.4 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: pmeth_gn.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -222,7 +222,6 @@ EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen)
222 goto merr; 222 goto merr;
223 223
224merr: 224merr:
225 if (mac_ctx) 225 EVP_PKEY_CTX_free(mac_ctx);
226 EVP_PKEY_CTX_free(mac_ctx);
227 return mac_key; 226 return mac_key;
228} 227}
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c
index c9c3444a13..12267a6d93 100644
--- a/src/lib/libcrypto/evp/pmeth_lib.c
+++ b/src/lib/libcrypto/evp/pmeth_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pmeth_lib.c,v 1.8 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: pmeth_lib.c,v 1.9 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -371,10 +371,8 @@ EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
371 return; 371 return;
372 if (ctx->pmeth && ctx->pmeth->cleanup) 372 if (ctx->pmeth && ctx->pmeth->cleanup)
373 ctx->pmeth->cleanup(ctx); 373 ctx->pmeth->cleanup(ctx);
374 if (ctx->pkey) 374 EVP_PKEY_free(ctx->pkey);
375 EVP_PKEY_free(ctx->pkey); 375 EVP_PKEY_free(ctx->peerkey);
376 if (ctx->peerkey)
377 EVP_PKEY_free(ctx->peerkey);
378#ifndef OPENSSL_NO_ENGINE 376#ifndef OPENSSL_NO_ENGINE
379 if (ctx->engine) 377 if (ctx->engine)
380 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the 378 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
diff --git a/src/lib/libcrypto/pem/pem_pk8.c b/src/lib/libcrypto/pem/pem_pk8.c
index dafbd13814..8d7ac4a954 100644
--- a/src/lib/libcrypto/pem/pem_pk8.c
+++ b/src/lib/libcrypto/pem/pem_pk8.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_pk8.c,v 1.7 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pem_pk8.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -184,8 +184,7 @@ d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
184 if (!ret) 184 if (!ret)
185 return NULL; 185 return NULL;
186 if (x) { 186 if (x) {
187 if (*x) 187 EVP_PKEY_free(*x);
188 EVP_PKEY_free(*x);
189 *x = ret; 188 *x = ret;
190 } 189 }
191 return ret; 190 return ret;
diff --git a/src/lib/libcrypto/pem/pem_pkey.c b/src/lib/libcrypto/pem/pem_pkey.c
index 7e5e4f5771..a50742a63d 100644
--- a/src/lib/libcrypto/pem/pem_pkey.c
+++ b/src/lib/libcrypto/pem/pem_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_pkey.c,v 1.17 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pem_pkey.c,v 1.18 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -99,8 +99,7 @@ PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
99 goto p8err; 99 goto p8err;
100 ret = EVP_PKCS82PKEY(p8inf); 100 ret = EVP_PKCS82PKEY(p8inf);
101 if (x) { 101 if (x) {
102 if (*x) 102 EVP_PKEY_free(*x);
103 EVP_PKEY_free((EVP_PKEY *)*x);
104 *x = ret; 103 *x = ret;
105 } 104 }
106 PKCS8_PRIV_KEY_INFO_free(p8inf); 105 PKCS8_PRIV_KEY_INFO_free(p8inf);
@@ -128,8 +127,7 @@ PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
128 goto p8err; 127 goto p8err;
129 ret = EVP_PKCS82PKEY(p8inf); 128 ret = EVP_PKCS82PKEY(p8inf);
130 if (x) { 129 if (x) {
131 if (*x) 130 EVP_PKEY_free(*x);
132 EVP_PKEY_free((EVP_PKEY *)*x);
133 *x = ret; 131 *x = ret;
134 } 132 }
135 PKCS8_PRIV_KEY_INFO_free(p8inf); 133 PKCS8_PRIV_KEY_INFO_free(p8inf);
@@ -194,8 +192,7 @@ PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
194 goto err; 192 goto err;
195 } 193 }
196 if (x) { 194 if (x) {
197 if (*x) 195 EVP_PKEY_free(*x);
198 EVP_PKEY_free((EVP_PKEY *)*x);
199 *x = ret; 196 *x = ret;
200 } 197 }
201 } 198 }
diff --git a/src/lib/libcrypto/pem/pvkfmt.c b/src/lib/libcrypto/pem/pvkfmt.c
index 32fcc181f7..ca7e908c29 100644
--- a/src/lib/libcrypto/pem/pvkfmt.c
+++ b/src/lib/libcrypto/pem/pvkfmt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pvkfmt.c,v 1.10 2014/07/11 15:35:53 miod Exp $ */ 1/* $OpenBSD: pvkfmt.c,v 1.11 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2005. 3 * project 2005.
4 */ 4 */
@@ -349,12 +349,9 @@ b2i_dss(const unsigned char **in, unsigned int length, unsigned int bitlen,
349 349
350memerr: 350memerr:
351 PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE); 351 PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
352 if (dsa) 352 DSA_free(dsa);
353 DSA_free(dsa); 353 EVP_PKEY_free(ret);
354 if (ret) 354 BN_CTX_free(ctx);
355 EVP_PKEY_free(ret);
356 if (ctx)
357 BN_CTX_free(ctx);
358 return NULL; 355 return NULL;
359} 356}
360 357
@@ -402,10 +399,8 @@ b2i_rsa(const unsigned char **in, unsigned int length, unsigned int bitlen,
402 399
403memerr: 400memerr:
404 PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE); 401 PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
405 if (rsa) 402 RSA_free(rsa);
406 RSA_free(rsa); 403 EVP_PKEY_free(ret);
407 if (ret)
408 EVP_PKEY_free(ret);
409 return NULL; 404 return NULL;
410} 405}
411 406
diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c
index 1f7583084e..0357c2bfa2 100644
--- a/src/lib/libcrypto/pkcs12/p12_key.c
+++ b/src/lib/libcrypto/pkcs12/p12_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p12_key.c,v 1.20 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: p12_key.c,v 1.21 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -195,12 +195,12 @@ err:
195 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_MALLOC_FAILURE); 195 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_MALLOC_FAILURE);
196 196
197end: 197end:
198 free (Ai); 198 free(Ai);
199 free (B); 199 free(B);
200 free (D); 200 free(D);
201 free (I); 201 free(I);
202 BN_free (Ij); 202 BN_free(Ij);
203 BN_free (Bpl1); 203 BN_free(Bpl1);
204 EVP_MD_CTX_cleanup(&ctx); 204 EVP_MD_CTX_cleanup(&ctx);
205 return ret; 205 return ret;
206} 206}
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
index 4556949456..cc6fd97b9d 100644
--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ b/src/lib/libcrypto/pkcs7/pk7_doit.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_doit.c,v 1.27 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pk7_doit.c,v 1.28 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -184,10 +184,8 @@ pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, unsigned char *key, int keylen)
184 ret = 1; 184 ret = 1;
185 185
186err: 186err:
187 if (pkey) 187 EVP_PKEY_free(pkey);
188 EVP_PKEY_free(pkey); 188 EVP_PKEY_CTX_free(pctx);
189 if (pctx)
190 EVP_PKEY_CTX_free(pctx);
191 free(ek); 189 free(ek);
192 return ret; 190 return ret;
193} 191}
@@ -244,8 +242,7 @@ pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, PKCS7_RECIP_INFO *ri,
244 *peklen = eklen; 242 *peklen = eklen;
245 243
246err: 244err:
247 if (pctx) 245 EVP_PKEY_CTX_free(pctx);
248 EVP_PKEY_CTX_free(pctx);
249 if (!ret && ek) 246 if (!ret && ek)
250 free(ek); 247 free(ek);
251 248
diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c
index 699f5df394..27370800c9 100644
--- a/src/lib/libcrypto/pkcs7/pk7_lib.c
+++ b/src/lib/libcrypto/pkcs7/pk7_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_lib.c,v 1.13 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pk7_lib.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -575,8 +575,7 @@ PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
575 return 1; 575 return 1;
576 576
577err: 577err:
578 if (pkey) 578 EVP_PKEY_free(pkey);
579 EVP_PKEY_free(pkey);
580 return 0; 579 return 0;
581} 580}
582 581
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h
index d15d1f1c97..8139db0b7d 100644
--- a/src/lib/libcrypto/rsa/rsa.h
+++ b/src/lib/libcrypto/rsa/rsa.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa.h,v 1.25 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: rsa.h,v 1.26 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -287,7 +287,7 @@ int RSA_public_decrypt(int flen, const unsigned char *from,
287 unsigned char *to, RSA *rsa, int padding); 287 unsigned char *to, RSA *rsa, int padding);
288int RSA_private_decrypt(int flen, const unsigned char *from, 288int RSA_private_decrypt(int flen, const unsigned char *from,
289 unsigned char *to, RSA *rsa, int padding); 289 unsigned char *to, RSA *rsa, int padding);
290void RSA_free (RSA *r); 290void RSA_free(RSA *r);
291/* "up" the RSA object's reference count */ 291/* "up" the RSA object's reference count */
292int RSA_up_ref(RSA *r); 292int RSA_up_ref(RSA *r);
293 293
diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c
index 47b2a4e95f..adf459ee6d 100644
--- a/src/lib/libcrypto/rsa/rsa_saos.c
+++ b/src/lib/libcrypto/rsa/rsa_saos.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_saos.c,v 1.15 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: rsa_saos.c,v 1.16 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -140,8 +140,7 @@ RSA_verify_ASN1_OCTET_STRING(int dtype, const unsigned char *m,
140 } else 140 } else
141 ret = 1; 141 ret = 1;
142err: 142err:
143 if (sig != NULL) 143 M_ASN1_OCTET_STRING_free(sig);
144 M_ASN1_OCTET_STRING_free(sig);
145 if (s != NULL) { 144 if (s != NULL) {
146 OPENSSL_cleanse(s, (unsigned int)siglen); 145 OPENSSL_cleanse(s, (unsigned int)siglen);
147 free(s); 146 free(s);
diff --git a/src/lib/libcrypto/ts/ts_rsp_sign.c b/src/lib/libcrypto/ts/ts_rsp_sign.c
index 9d20e66f9a..27659e8f45 100644
--- a/src/lib/libcrypto/ts/ts_rsp_sign.c
+++ b/src/lib/libcrypto/ts/ts_rsp_sign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ts_rsp_sign.c,v 1.17 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: ts_rsp_sign.c,v 1.18 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL 2/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
3 * project 2002. 3 * project 2002.
4 */ 4 */
@@ -195,8 +195,7 @@ TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
195int 195int
196TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key) 196TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
197{ 197{
198 if (ctx->signer_key) 198 EVP_PKEY_free(ctx->signer_key);
199 EVP_PKEY_free(ctx->signer_key);
200 ctx->signer_key = key; 199 ctx->signer_key = key;
201 CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY); 200 CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY);
202 201
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
index e26866dc80..b63faaad2c 100644
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ b/src/lib/libcrypto/x509/x509_cmp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_cmp.c,v 1.22 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: x509_cmp.c,v 1.23 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -358,8 +358,7 @@ X509_check_private_key(X509 *x, EVP_PKEY *k)
358 X509err(X509_F_X509_CHECK_PRIVATE_KEY, 358 X509err(X509_F_X509_CHECK_PRIVATE_KEY,
359 X509_R_UNKNOWN_KEY_TYPE); 359 X509_R_UNKNOWN_KEY_TYPE);
360 } 360 }
361 if (xk) 361 EVP_PKEY_free(xk);
362 EVP_PKEY_free(xk);
363 if (ret > 0) 362 if (ret > 0)
364 return 1; 363 return 1;
365 return 0; 364 return 0;
diff --git a/src/lib/libssl/src/crypto/asn1/a_object.c b/src/lib/libssl/src/crypto/asn1/a_object.c
index 551aece6ad..863aa6a226 100644
--- a/src/lib/libssl/src/crypto/asn1/a_object.c
+++ b/src/lib/libssl/src/crypto/asn1/a_object.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_object.c,v 1.21 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: a_object.c,v 1.22 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -206,15 +206,13 @@ a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
206 } 206 }
207 if (tmp != ftmp) 207 if (tmp != ftmp)
208 free(tmp); 208 free(tmp);
209 if (bl) 209 BN_free(bl);
210 BN_free(bl);
211 return (len); 210 return (len);
212 211
213err: 212err:
214 if (tmp != ftmp) 213 if (tmp != ftmp)
215 free(tmp); 214 free(tmp);
216 if (bl) 215 BN_free(bl);
217 BN_free(bl);
218 return (0); 216 return (0);
219} 217}
220 218
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_par.c b/src/lib/libssl/src/crypto/asn1/asn1_par.c
index c6f95c42ab..f5e3a8b529 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_par.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_par.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: asn1_par.c,v 1.19 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: asn1_par.c,v 1.20 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -291,10 +291,8 @@ asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset,
291 nl = 1; 291 nl = 1;
292 } 292 }
293 } 293 }
294 if (os != NULL) { 294 M_ASN1_OCTET_STRING_free(os);
295 M_ASN1_OCTET_STRING_free(os); 295 os = NULL;
296 os = NULL;
297 }
298 } else if (tag == V_ASN1_INTEGER) { 296 } else if (tag == V_ASN1_INTEGER) {
299 ASN1_INTEGER *bs; 297 ASN1_INTEGER *bs;
300 int i; 298 int i;
@@ -376,8 +374,7 @@ asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset,
376end: 374end:
377 if (o != NULL) 375 if (o != NULL)
378 ASN1_OBJECT_free(o); 376 ASN1_OBJECT_free(o);
379 if (os != NULL) 377 M_ASN1_OCTET_STRING_free(os);
380 M_ASN1_OCTET_STRING_free(os);
381 *pp = p; 378 *pp = p;
382 return (ret); 379 return (ret);
383} 380}
diff --git a/src/lib/libssl/src/crypto/asn1/evp_asn1.c b/src/lib/libssl/src/crypto/asn1/evp_asn1.c
index 199c12f9a4..5e21f3c8ae 100644
--- a/src/lib/libssl/src/crypto/asn1/evp_asn1.c
+++ b/src/lib/libssl/src/crypto/asn1/evp_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_asn1.c,v 1.12 2014/07/11 13:41:59 miod Exp $ */ 1/* $OpenBSD: evp_asn1.c,v 1.13 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -193,9 +193,7 @@ err:
193 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING, 193 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,
194 ASN1_R_DATA_IS_WRONG); 194 ASN1_R_DATA_IS_WRONG);
195 } 195 }
196 if (os != NULL) 196 M_ASN1_OCTET_STRING_free(os);
197 M_ASN1_OCTET_STRING_free(os); 197 M_ASN1_INTEGER_free(ai);
198 if (ai != NULL)
199 M_ASN1_INTEGER_free(ai);
200 return (ret); 198 return (ret);
201} 199}
diff --git a/src/lib/libssl/src/crypto/asn1/x_pkey.c b/src/lib/libssl/src/crypto/asn1/x_pkey.c
index a5134bc6a2..d454afb72b 100644
--- a/src/lib/libssl/src/crypto/asn1/x_pkey.c
+++ b/src/lib/libssl/src/crypto/asn1/x_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_pkey.c,v 1.14 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: x_pkey.c,v 1.15 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -149,10 +149,8 @@ X509_PKEY_free(X509_PKEY *x)
149 149
150 if (x->enc_algor != NULL) 150 if (x->enc_algor != NULL)
151 X509_ALGOR_free(x->enc_algor); 151 X509_ALGOR_free(x->enc_algor);
152 if (x->enc_pkey != NULL) 152 M_ASN1_OCTET_STRING_free(x->enc_pkey);
153 M_ASN1_OCTET_STRING_free(x->enc_pkey); 153 EVP_PKEY_free(x->dec_pkey);
154 if (x->dec_pkey != NULL)
155 EVP_PKEY_free(x->dec_pkey);
156 if ((x->key_data != NULL) && (x->key_free)) 154 if ((x->key_data != NULL) && (x->key_free))
157 free(x->key_data); 155 free(x->key_data);
158 free(x); 156 free(x);
diff --git a/src/lib/libssl/src/crypto/asn1/x_pubkey.c b/src/lib/libssl/src/crypto/asn1/x_pubkey.c
index 87cb25bb50..56cc63059a 100644
--- a/src/lib/libssl/src/crypto/asn1/x_pubkey.c
+++ b/src/lib/libssl/src/crypto/asn1/x_pubkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_pubkey.c,v 1.21 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: x_pubkey.c,v 1.22 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -183,8 +183,7 @@ X509_PUBKEY_get(X509_PUBKEY *key)
183 return ret; 183 return ret;
184 184
185error: 185error:
186 if (ret != NULL) 186 EVP_PKEY_free(ret);
187 EVP_PKEY_free(ret);
188 return (NULL); 187 return (NULL);
189} 188}
190 189
diff --git a/src/lib/libssl/src/crypto/bn/bn_blind.c b/src/lib/libssl/src/crypto/bn/bn_blind.c
index 5f559da067..c842f76c6f 100644
--- a/src/lib/libssl/src/crypto/bn/bn_blind.c
+++ b/src/lib/libssl/src/crypto/bn/bn_blind.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_blind.c,v 1.13 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: bn_blind.c,v 1.14 2014/07/12 16:03:36 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -181,14 +181,10 @@ BN_BLINDING_free(BN_BLINDING *r)
181 if (r == NULL) 181 if (r == NULL)
182 return; 182 return;
183 183
184 if (r->A != NULL) 184 BN_clear_free(r->A);
185 BN_clear_free(r->A ); 185 BN_clear_free(r->Ai);
186 if (r->Ai != NULL) 186 BN_clear_free(r->e);
187 BN_clear_free(r->Ai); 187 BN_clear_free(r->mod);
188 if (r->e != NULL)
189 BN_clear_free(r->e );
190 if (r->mod != NULL)
191 BN_clear_free(r->mod);
192 free(r); 188 free(r);
193} 189}
194 190
@@ -341,8 +337,7 @@ BN_BLINDING_create_param(BN_BLINDING *b, const BIGNUM *e, BIGNUM *m,
341 goto err; 337 goto err;
342 338
343 if (e != NULL) { 339 if (e != NULL) {
344 if (ret->e != NULL) 340 BN_free(ret->e);
345 BN_free(ret->e);
346 ret->e = BN_dup(e); 341 ret->e = BN_dup(e);
347 } 342 }
348 if (ret->e == NULL) 343 if (ret->e == NULL)
diff --git a/src/lib/libssl/src/crypto/bn/bn_lib.c b/src/lib/libssl/src/crypto/bn/bn_lib.c
index 4ee9b2bbde..d0cb49cd1e 100644
--- a/src/lib/libssl/src/crypto/bn/bn_lib.c
+++ b/src/lib/libssl/src/crypto/bn/bn_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_lib.c,v 1.32 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_lib.c,v 1.33 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -585,8 +585,7 @@ BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
585 i = ((n - 1) / BN_BYTES) + 1; 585 i = ((n - 1) / BN_BYTES) + 1;
586 m = ((n - 1) % (BN_BYTES)); 586 m = ((n - 1) % (BN_BYTES));
587 if (bn_wexpand(ret, (int)i) == NULL) { 587 if (bn_wexpand(ret, (int)i) == NULL) {
588 if (bn) 588 BN_free(bn);
589 BN_free(bn);
590 return NULL; 589 return NULL;
591 } 590 }
592 ret->top = i; 591 ret->top = i;
diff --git a/src/lib/libssl/src/crypto/bn/bn_mod.c b/src/lib/libssl/src/crypto/bn/bn_mod.c
index a503ff3b1b..67bd3541b0 100644
--- a/src/lib/libssl/src/crypto/bn/bn_mod.c
+++ b/src/lib/libssl/src/crypto/bn/bn_mod.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_mod.c,v 1.8 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_mod.c,v 1.9 2014/07/12 16:03:36 miod Exp $ */
2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * for the OpenSSL project. */ 3 * for the OpenSSL project. */
4/* ==================================================================== 4/* ====================================================================
@@ -253,8 +253,7 @@ BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx)
253 ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m)); 253 ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m));
254 bn_check_top(r); 254 bn_check_top(r);
255 255
256 if (abs_m) 256 BN_free(abs_m);
257 BN_free(abs_m);
258 return ret; 257 return ret;
259} 258}
260 259
diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.c b/src/lib/libssl/src/crypto/bn/bn_prime.c
index db786a63ef..27468ceb93 100644
--- a/src/lib/libssl/src/crypto/bn/bn_prime.c
+++ b/src/lib/libssl/src/crypto/bn/bn_prime.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_prime.c,v 1.10 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_prime.c,v 1.11 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -344,8 +344,7 @@ err:
344 if (ctx_passed == NULL) 344 if (ctx_passed == NULL)
345 BN_CTX_free(ctx); 345 BN_CTX_free(ctx);
346 } 346 }
347 if (mont != NULL) 347 BN_MONT_CTX_free(mont);
348 BN_MONT_CTX_free(mont);
349 348
350 return (ret); 349 return (ret);
351} 350}
diff --git a/src/lib/libssl/src/crypto/bn/bn_print.c b/src/lib/libssl/src/crypto/bn/bn_print.c
index ccdae5ae09..4920705a5b 100644
--- a/src/lib/libssl/src/crypto/bn/bn_print.c
+++ b/src/lib/libssl/src/crypto/bn/bn_print.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_print.c,v 1.22 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: bn_print.c,v 1.23 2014/07/12 16:03:36 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -163,8 +163,7 @@ BN_bn2dec(const BIGNUM *a)
163 163
164err: 164err:
165 free(bn_data); 165 free(bn_data);
166 if (t != NULL) 166 BN_free(t);
167 BN_free(t);
168 if (!ok && buf) { 167 if (!ok && buf) {
169 free(buf); 168 free(buf);
170 buf = NULL; 169 buf = NULL;
diff --git a/src/lib/libssl/src/crypto/cmac/cm_ameth.c b/src/lib/libssl/src/crypto/cmac/cm_ameth.c
index 39d8ad3aa8..e7e7fe0f80 100644
--- a/src/lib/libssl/src/crypto/cmac/cm_ameth.c
+++ b/src/lib/libssl/src/crypto/cmac/cm_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cm_ameth.c,v 1.6 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: cm_ameth.c,v 1.7 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2010. 3 * project 2010.
4 */ 4 */
@@ -74,8 +74,7 @@ cmac_key_free(EVP_PKEY *pkey)
74{ 74{
75 CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr; 75 CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr;
76 76
77 if (cmctx) 77 CMAC_CTX_free(cmctx);
78 CMAC_CTX_free(cmctx);
79} 78}
80 79
81const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { 80const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {
diff --git a/src/lib/libssl/src/crypto/cms/cms_asn1.c b/src/lib/libssl/src/crypto/cms/cms_asn1.c
index a75fa26137..fbdac5b1ba 100644
--- a/src/lib/libssl/src/crypto/cms/cms_asn1.c
+++ b/src/lib/libssl/src/crypto/cms/cms_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_asn1.c,v 1.4 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: cms_asn1.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -91,8 +91,7 @@ cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
91{ 91{
92 if (operation == ASN1_OP_FREE_POST) { 92 if (operation == ASN1_OP_FREE_POST) {
93 CMS_SignerInfo *si = (CMS_SignerInfo *)*pval; 93 CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
94 if (si->pkey) 94 EVP_PKEY_free(si->pkey);
95 EVP_PKEY_free(si->pkey);
96 if (si->signer) 95 if (si->signer)
97 X509_free(si->signer); 96 X509_free(si->signer);
98 } 97 }
@@ -219,8 +218,7 @@ cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
219 CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval; 218 CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
220 if (ri->type == CMS_RECIPINFO_TRANS) { 219 if (ri->type == CMS_RECIPINFO_TRANS) {
221 CMS_KeyTransRecipientInfo *ktri = ri->d.ktri; 220 CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
222 if (ktri->pkey) 221 EVP_PKEY_free(ktri->pkey);
223 EVP_PKEY_free(ktri->pkey);
224 if (ktri->recip) 222 if (ktri->recip)
225 X509_free(ktri->recip); 223 X509_free(ktri->recip);
226 } else if (ri->type == CMS_RECIPINFO_KEK) { 224 } else if (ri->type == CMS_RECIPINFO_KEK) {
diff --git a/src/lib/libssl/src/crypto/cms/cms_env.c b/src/lib/libssl/src/crypto/cms/cms_env.c
index 66ec1a9343..19c86b9550 100644
--- a/src/lib/libssl/src/crypto/cms/cms_env.c
+++ b/src/lib/libssl/src/crypto/cms/cms_env.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_env.c,v 1.6 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: cms_env.c,v 1.7 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -346,8 +346,7 @@ cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
346 ret = 1; 346 ret = 1;
347 347
348err: 348err:
349 if (pctx) 349 EVP_PKEY_CTX_free(pctx);
350 EVP_PKEY_CTX_free(pctx);
351 free(ek); 350 free(ek);
352 return ret; 351 return ret;
353} 352}
@@ -416,8 +415,7 @@ cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
416 ec->keylen = eklen; 415 ec->keylen = eklen;
417 416
418err: 417err:
419 if (pctx) 418 EVP_PKEY_CTX_free(pctx);
420 EVP_PKEY_CTX_free(pctx);
421 if (!ret && ek) 419 if (!ret && ek)
422 free(ek); 420 free(ek);
423 421
diff --git a/src/lib/libssl/src/crypto/cms/cms_sd.c b/src/lib/libssl/src/crypto/cms/cms_sd.c
index 7e490c0988..70ad897bda 100644
--- a/src/lib/libssl/src/crypto/cms/cms_sd.c
+++ b/src/lib/libssl/src/crypto/cms/cms_sd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_sd.c,v 1.7 2014/07/11 13:02:10 miod Exp $ */ 1/* $OpenBSD: cms_sd.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -495,8 +495,7 @@ CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer)
495{ 495{
496 if (signer) { 496 if (signer) {
497 CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509); 497 CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
498 if (si->pkey) 498 EVP_PKEY_free(si->pkey);
499 EVP_PKEY_free(si->pkey);
500 si->pkey = X509_get_pubkey(signer); 499 si->pkey = X509_get_pubkey(signer);
501 } 500 }
502 if (si->signer) 501 if (si->signer)
diff --git a/src/lib/libssl/src/crypto/dh/dh_ameth.c b/src/lib/libssl/src/crypto/dh/dh_ameth.c
index 91178a92b0..729c996a1b 100644
--- a/src/lib/libssl/src/crypto/dh/dh_ameth.c
+++ b/src/lib/libssl/src/crypto/dh/dh_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_ameth.c,v 1.11 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dh_ameth.c,v 1.12 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -120,8 +120,7 @@ dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
120err: 120err:
121 if (public_key) 121 if (public_key)
122 ASN1_INTEGER_free(public_key); 122 ASN1_INTEGER_free(public_key);
123 if (dh) 123 DH_free(dh);
124 DH_free(dh);
125 return 0; 124 return 0;
126} 125}
127 126
@@ -409,14 +408,12 @@ dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
409 408
410 if ((a = BN_dup(from->pkey.dh->p)) == NULL) 409 if ((a = BN_dup(from->pkey.dh->p)) == NULL)
411 return 0; 410 return 0;
412 if (to->pkey.dh->p != NULL) 411 BN_free(to->pkey.dh->p);
413 BN_free(to->pkey.dh->p);
414 to->pkey.dh->p = a; 412 to->pkey.dh->p = a;
415 413
416 if ((a = BN_dup(from->pkey.dh->g)) == NULL) 414 if ((a = BN_dup(from->pkey.dh->g)) == NULL)
417 return 0; 415 return 0;
418 if (to->pkey.dh->g != NULL) 416 BN_free(to->pkey.dh->g);
419 BN_free(to->pkey.dh->g);
420 to->pkey.dh->g = a; 417 to->pkey.dh->g = a;
421 418
422 return 1; 419 return 1;
diff --git a/src/lib/libssl/src/crypto/dh/dh_check.c b/src/lib/libssl/src/crypto/dh/dh_check.c
index 01b9531a44..0f6c50b055 100644
--- a/src/lib/libssl/src/crypto/dh/dh_check.c
+++ b/src/lib/libssl/src/crypto/dh/dh_check.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_check.c,v 1.13 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dh_check.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -114,10 +114,8 @@ DH_check(const DH *dh, int *ret)
114 } 114 }
115 ok = 1; 115 ok = 1;
116err: 116err:
117 if (ctx != NULL) 117 BN_CTX_free(ctx);
118 BN_CTX_free(ctx); 118 BN_free(q);
119 if (q != NULL)
120 BN_free(q);
121 return ok; 119 return ok;
122} 120}
123 121
diff --git a/src/lib/libssl/src/crypto/dh/dh_key.c b/src/lib/libssl/src/crypto/dh/dh_key.c
index 6d90816122..132ba5cfa4 100644
--- a/src/lib/libssl/src/crypto/dh/dh_key.c
+++ b/src/lib/libssl/src/crypto/dh/dh_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_key.c,v 1.20 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dh_key.c,v 1.21 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -260,7 +260,6 @@ dh_init(DH *dh)
260static int 260static int
261dh_finish(DH *dh) 261dh_finish(DH *dh)
262{ 262{
263 if (dh->method_mont_p) 263 BN_MONT_CTX_free(dh->method_mont_p);
264 BN_MONT_CTX_free(dh->method_mont_p);
265 return 1; 264 return 1;
266} 265}
diff --git a/src/lib/libssl/src/crypto/dh/dh_lib.c b/src/lib/libssl/src/crypto/dh/dh_lib.c
index 0a956e5416..c438f387c0 100644
--- a/src/lib/libssl/src/crypto/dh/dh_lib.c
+++ b/src/lib/libssl/src/crypto/dh/dh_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_lib.c,v 1.19 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dh_lib.c,v 1.20 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -194,21 +194,14 @@ DH_free(DH *r)
194 194
195 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); 195 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
196 196
197 if (r->p != NULL) 197 BN_clear_free(r->p);
198 BN_clear_free(r->p); 198 BN_clear_free(r->g);
199 if (r->g != NULL) 199 BN_clear_free(r->q);
200 BN_clear_free(r->g); 200 BN_clear_free(r->j);
201 if (r->q != NULL)
202 BN_clear_free(r->q);
203 if (r->j != NULL)
204 BN_clear_free(r->j);
205 free(r->seed); 201 free(r->seed);
206 if (r->counter != NULL) 202 BN_clear_free(r->counter);
207 BN_clear_free(r->counter); 203 BN_clear_free(r->pub_key);
208 if (r->pub_key != NULL) 204 BN_clear_free(r->priv_key);
209 BN_clear_free(r->pub_key);
210 if (r->priv_key != NULL)
211 BN_clear_free(r->priv_key);
212 free(r); 205 free(r);
213} 206}
214 207
diff --git a/src/lib/libssl/src/crypto/dsa/dsa.h b/src/lib/libssl/src/crypto/dsa/dsa.h
index c1264ac325..bd7b26070d 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa.h
+++ b/src/lib/libssl/src/crypto/dsa/dsa.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa.h,v 1.17 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: dsa.h,v 1.18 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -206,7 +206,7 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *);
206 206
207DSA * DSA_new(void); 207DSA * DSA_new(void);
208DSA * DSA_new_method(ENGINE *engine); 208DSA * DSA_new_method(ENGINE *engine);
209void DSA_free (DSA *r); 209void DSA_free(DSA *r);
210/* "up" the DSA object's reference count */ 210/* "up" the DSA object's reference count */
211int DSA_up_ref(DSA *r); 211int DSA_up_ref(DSA *r);
212int DSA_size(const DSA *); 212int DSA_size(const DSA *);
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_ameth.c b/src/lib/libssl/src/crypto/dsa/dsa_ameth.c
index 73c58ec94c..7da4ac5695 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_ameth.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_ameth.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_ameth.c,v 1.13 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -125,8 +125,7 @@ dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
125err: 125err:
126 if (public_key) 126 if (public_key)
127 ASN1_INTEGER_free(public_key); 127 ASN1_INTEGER_free(public_key);
128 if (dsa) 128 DSA_free(dsa);
129 DSA_free(dsa);
130 return 0; 129 return 0;
131} 130}
132 131
@@ -264,7 +263,7 @@ dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
264 } 263 }
265 264
266 EVP_PKEY_assign_DSA(pkey, dsa); 265 EVP_PKEY_assign_DSA(pkey, dsa);
267 BN_CTX_free (ctx); 266 BN_CTX_free(ctx);
268 if (ndsa) 267 if (ndsa)
269 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 268 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
270 else 269 else
@@ -275,7 +274,7 @@ dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
275decerr: 274decerr:
276 DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR); 275 DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
277dsaerr: 276dsaerr:
278 BN_CTX_free (ctx); 277 BN_CTX_free(ctx);
279 if (privkey) 278 if (privkey)
280 ASN1_INTEGER_free(privkey); 279 ASN1_INTEGER_free(privkey);
281 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 280 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
@@ -358,20 +357,17 @@ dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
358 357
359 if ((a = BN_dup(from->pkey.dsa->p)) == NULL) 358 if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
360 return 0; 359 return 0;
361 if (to->pkey.dsa->p != NULL) 360 BN_free(to->pkey.dsa->p);
362 BN_free(to->pkey.dsa->p);
363 to->pkey.dsa->p = a; 361 to->pkey.dsa->p = a;
364 362
365 if ((a = BN_dup(from->pkey.dsa->q)) == NULL) 363 if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
366 return 0; 364 return 0;
367 if (to->pkey.dsa->q != NULL) 365 BN_free(to->pkey.dsa->q);
368 BN_free(to->pkey.dsa->q);
369 to->pkey.dsa->q = a; 366 to->pkey.dsa->q = a;
370 367
371 if ((a = BN_dup(from->pkey.dsa->g)) == NULL) 368 if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
372 return 0; 369 return 0;
373 if (to->pkey.dsa->g != NULL) 370 BN_free(to->pkey.dsa->g);
374 BN_free(to->pkey.dsa->g);
375 to->pkey.dsa->g = a; 371 to->pkey.dsa->g = a;
376 return 1; 372 return 1;
377} 373}
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_gen.c b/src/lib/libssl/src/crypto/dsa/dsa_gen.c
index d41e7562e1..a3d07b901a 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_gen.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_gen.c,v 1.15 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_gen.c,v 1.16 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -322,12 +322,9 @@ end:
322 ok = 1; 322 ok = 1;
323err: 323err:
324 if (ok) { 324 if (ok) {
325 if (ret->p) 325 BN_free(ret->p);
326 BN_free(ret->p); 326 BN_free(ret->q);
327 if (ret->q) 327 BN_free(ret->g);
328 BN_free(ret->q);
329 if (ret->g)
330 BN_free(ret->g);
331 ret->p = BN_dup(p); 328 ret->p = BN_dup(p);
332 ret->q = BN_dup(q); 329 ret->q = BN_dup(q);
333 ret->g = BN_dup(g); 330 ret->g = BN_dup(g);
@@ -346,8 +343,7 @@ err:
346 BN_CTX_end(ctx); 343 BN_CTX_end(ctx);
347 BN_CTX_free(ctx); 344 BN_CTX_free(ctx);
348 } 345 }
349 if (mont != NULL) 346 BN_MONT_CTX_free(mont);
350 BN_MONT_CTX_free(mont);
351 return ok; 347 return ok;
352} 348}
353#endif 349#endif
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_key.c b/src/lib/libssl/src/crypto/dsa/dsa_key.c
index 4573ecbcce..4dc28dbb90 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_key.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_key.c,v 1.18 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_key.c,v 1.19 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -128,8 +128,7 @@ err:
128 BN_free(pub_key); 128 BN_free(pub_key);
129 if (priv_key != NULL && dsa->priv_key == NULL) 129 if (priv_key != NULL && dsa->priv_key == NULL)
130 BN_free(priv_key); 130 BN_free(priv_key);
131 if (ctx != NULL) 131 BN_CTX_free(ctx);
132 BN_CTX_free(ctx);
133 return ok; 132 return ok;
134} 133}
135#endif 134#endif
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_lib.c b/src/lib/libssl/src/crypto/dsa/dsa_lib.c
index 97307134cd..1cfd6ce6b8 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_lib.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_lib.c,v 1.20 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_lib.c,v 1.21 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -201,20 +201,13 @@ DSA_free(DSA *r)
201 201
202 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); 202 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
203 203
204 if (r->p != NULL) 204 BN_clear_free(r->p);
205 BN_clear_free(r->p); 205 BN_clear_free(r->q);
206 if (r->q != NULL) 206 BN_clear_free(r->g);
207 BN_clear_free(r->q); 207 BN_clear_free(r->pub_key);
208 if (r->g != NULL) 208 BN_clear_free(r->priv_key);
209 BN_clear_free(r->g); 209 BN_clear_free(r->kinv);
210 if (r->pub_key != NULL) 210 BN_clear_free(r->r);
211 BN_clear_free(r->pub_key);
212 if (r->priv_key != NULL)
213 BN_clear_free(r->priv_key);
214 if (r->kinv != NULL)
215 BN_clear_free(r->kinv);
216 if (r->r != NULL)
217 BN_clear_free(r->r);
218 free(r); 211 free(r);
219} 212}
220 213
@@ -305,8 +298,7 @@ DSA_dup_DH(const DSA *r)
305 return ret; 298 return ret;
306 299
307err: 300err:
308 if (ret != NULL) 301 DH_free(ret);
309 DH_free(ret);
310 return NULL; 302 return NULL;
311} 303}
312#endif 304#endif
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
index 5bff836c50..e372853063 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_ossl.c,v 1.20 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_ossl.c,v 1.21 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -212,12 +212,10 @@ err:
212 BN_free(r); 212 BN_free(r);
213 BN_free(s); 213 BN_free(s);
214 } 214 }
215 if (ctx != NULL) 215 BN_CTX_free(ctx);
216 BN_CTX_free(ctx);
217 BN_clear_free(&m); 216 BN_clear_free(&m);
218 BN_clear_free(&xr); 217 BN_clear_free(&xr);
219 if (kinv != NULL) /* dsa->kinv is NULL now if we used it */ 218 BN_clear_free(kinv);
220 BN_clear_free(kinv);
221 return ret; 219 return ret;
222} 220}
223 221
@@ -295,19 +293,16 @@ dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
295 if ((kinv = BN_mod_inverse(NULL, &k, dsa->q, ctx)) == NULL) 293 if ((kinv = BN_mod_inverse(NULL, &k, dsa->q, ctx)) == NULL)
296 goto err; 294 goto err;
297 295
298 if (*kinvp != NULL) 296 BN_clear_free(*kinvp);
299 BN_clear_free(*kinvp);
300 *kinvp = kinv; 297 *kinvp = kinv;
301 kinv = NULL; 298 kinv = NULL;
302 if (*rp != NULL) 299 BN_clear_free(*rp);
303 BN_clear_free(*rp);
304 *rp = r; 300 *rp = r;
305 ret = 1; 301 ret = 1;
306err: 302err:
307 if (!ret) { 303 if (!ret) {
308 DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB); 304 DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB);
309 if (r != NULL) 305 BN_clear_free(r);
310 BN_clear_free(r);
311 } 306 }
312 if (ctx_in == NULL) 307 if (ctx_in == NULL)
313 BN_CTX_free(ctx); 308 BN_CTX_free(ctx);
@@ -406,8 +401,7 @@ err:
406 there is no error in BN. Test should be ret == -1 (Ben) */ 401 there is no error in BN. Test should be ret == -1 (Ben) */
407 if (ret != 1) 402 if (ret != 1)
408 DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_BN_LIB); 403 DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_BN_LIB);
409 if (ctx != NULL) 404 BN_CTX_free(ctx);
410 BN_CTX_free(ctx);
411 BN_free(&u1); 405 BN_free(&u1);
412 BN_free(&u2); 406 BN_free(&u2);
413 BN_free(&t1); 407 BN_free(&t1);
@@ -424,8 +418,7 @@ dsa_init(DSA *dsa)
424static int 418static int
425dsa_finish(DSA *dsa) 419dsa_finish(DSA *dsa)
426{ 420{
427 if (dsa->method_mont_p) 421 BN_MONT_CTX_free(dsa->method_mont_p);
428 BN_MONT_CTX_free(dsa->method_mont_p);
429 return 1; 422 return 1;
430} 423}
431 424
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_sign.c b/src/lib/libssl/src/crypto/dsa/dsa_sign.c
index efeb35477c..80e002c4a7 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_sign.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_sign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_sign.c,v 1.17 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: dsa_sign.c,v 1.18 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -91,10 +91,8 @@ void
91DSA_SIG_free(DSA_SIG *sig) 91DSA_SIG_free(DSA_SIG *sig)
92{ 92{
93 if (sig) { 93 if (sig) {
94 if (sig->r) 94 BN_free(sig->r);
95 BN_free(sig->r); 95 BN_free(sig->s);
96 if (sig->s)
97 BN_free(sig->s);
98 free(sig); 96 free(sig);
99 } 97 }
100} 98}
diff --git a/src/lib/libssl/src/crypto/ec/ec2_mult.c b/src/lib/libssl/src/crypto/ec/ec2_mult.c
index 6c3a759dc8..c74571f88c 100644
--- a/src/lib/libssl/src/crypto/ec/ec2_mult.c
+++ b/src/lib/libssl/src/crypto/ec/ec2_mult.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_mult.c,v 1.4 2014/07/10 22:45:56 jsing Exp $ */ 1/* $OpenBSD: ec2_mult.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -421,12 +421,9 @@ ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
421 ret = 1; 421 ret = 1;
422 422
423err: 423err:
424 if (p) 424 EC_POINT_free(p);
425 EC_POINT_free(p); 425 EC_POINT_free(acc);
426 if (acc) 426 BN_CTX_free(new_ctx);
427 EC_POINT_free(acc);
428 if (new_ctx != NULL)
429 BN_CTX_free(new_ctx);
430 return ret; 427 return ret;
431} 428}
432 429
diff --git a/src/lib/libssl/src/crypto/ec/ec2_oct.c b/src/lib/libssl/src/crypto/ec/ec2_oct.c
index 5150423b99..3b8039af6e 100644
--- a/src/lib/libssl/src/crypto/ec/ec2_oct.c
+++ b/src/lib/libssl/src/crypto/ec/ec2_oct.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_oct.c,v 1.4 2014/07/10 22:45:56 jsing Exp $ */ 1/* $OpenBSD: ec2_oct.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -157,8 +157,7 @@ ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point
157 157
158err: 158err:
159 BN_CTX_end(ctx); 159 BN_CTX_end(ctx);
160 if (new_ctx != NULL) 160 BN_CTX_free(new_ctx);
161 BN_CTX_free(new_ctx);
162 return ret; 161 return ret;
163} 162}
164 163
@@ -267,15 +266,13 @@ ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
267 } 266 }
268 if (used_ctx) 267 if (used_ctx)
269 BN_CTX_end(ctx); 268 BN_CTX_end(ctx);
270 if (new_ctx != NULL) 269 BN_CTX_free(new_ctx);
271 BN_CTX_free(new_ctx);
272 return ret; 270 return ret;
273 271
274err: 272err:
275 if (used_ctx) 273 if (used_ctx)
276 BN_CTX_end(ctx); 274 BN_CTX_end(ctx);
277 if (new_ctx != NULL) 275 BN_CTX_free(new_ctx);
278 BN_CTX_free(new_ctx);
279 return 0; 276 return 0;
280} 277}
281 278
@@ -375,8 +372,7 @@ ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
375 372
376err: 373err:
377 BN_CTX_end(ctx); 374 BN_CTX_end(ctx);
378 if (new_ctx != NULL) 375 BN_CTX_free(new_ctx);
379 BN_CTX_free(new_ctx);
380 return ret; 376 return ret;
381} 377}
382#endif 378#endif
diff --git a/src/lib/libssl/src/crypto/ec/ec2_smpl.c b/src/lib/libssl/src/crypto/ec/ec2_smpl.c
index 001ffcc077..0031a161c7 100644
--- a/src/lib/libssl/src/crypto/ec/ec2_smpl.c
+++ b/src/lib/libssl/src/crypto/ec/ec2_smpl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec2_smpl.c,v 1.11 2014/07/10 22:45:56 jsing Exp $ */ 1/* $OpenBSD: ec2_smpl.c,v 1.12 2014/07/12 16:03:37 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -310,8 +310,7 @@ ec_GF2m_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx)
310err: 310err:
311 if (ctx != NULL) 311 if (ctx != NULL)
312 BN_CTX_end(ctx); 312 BN_CTX_end(ctx);
313 if (new_ctx != NULL) 313 BN_CTX_free(new_ctx);
314 BN_CTX_free(new_ctx);
315 return ret; 314 return ret;
316} 315}
317 316
@@ -547,8 +546,7 @@ ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
547 546
548err: 547err:
549 BN_CTX_end(ctx); 548 BN_CTX_end(ctx);
550 if (new_ctx != NULL) 549 BN_CTX_free(new_ctx);
551 BN_CTX_free(new_ctx);
552 return ret; 550 return ret;
553} 551}
554 552
@@ -641,8 +639,7 @@ ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX
641err: 639err:
642 if (ctx) 640 if (ctx)
643 BN_CTX_end(ctx); 641 BN_CTX_end(ctx);
644 if (new_ctx) 642 BN_CTX_free(new_ctx);
645 BN_CTX_free(new_ctx);
646 return ret; 643 return ret;
647} 644}
648 645
@@ -691,8 +688,7 @@ ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT *
691err: 688err:
692 if (ctx) 689 if (ctx)
693 BN_CTX_end(ctx); 690 BN_CTX_end(ctx);
694 if (new_ctx) 691 BN_CTX_free(new_ctx);
695 BN_CTX_free(new_ctx);
696 return ret; 692 return ret;
697} 693}
698 694
@@ -733,8 +729,7 @@ ec_GF2m_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ct
733err: 729err:
734 if (ctx) 730 if (ctx)
735 BN_CTX_end(ctx); 731 BN_CTX_end(ctx);
736 if (new_ctx) 732 BN_CTX_free(new_ctx);
737 BN_CTX_free(new_ctx);
738 return ret; 733 return ret;
739} 734}
740 735
diff --git a/src/lib/libssl/src/crypto/ec/ec_ameth.c b/src/lib/libssl/src/crypto/ec/ec_ameth.c
index 93e305b71a..c201815621 100644
--- a/src/lib/libssl/src/crypto/ec/ec_ameth.c
+++ b/src/lib/libssl/src/crypto/ec/ec_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_ameth.c,v 1.11 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: ec_ameth.c,v 1.12 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -492,12 +492,9 @@ do_EC_KEY_print(BIO * bp, const EC_KEY * x, int off, int ktype)
492err: 492err:
493 if (!ret) 493 if (!ret)
494 ECerr(EC_F_DO_EC_KEY_PRINT, reason); 494 ECerr(EC_F_DO_EC_KEY_PRINT, reason);
495 if (pub_key) 495 BN_free(pub_key);
496 BN_free(pub_key); 496 BN_free(order);
497 if (order) 497 BN_CTX_free(ctx);
498 BN_free(order);
499 if (ctx)
500 BN_CTX_free(ctx);
501 free(buffer); 498 free(buffer);
502 return (ret); 499 return (ret);
503} 500}
diff --git a/src/lib/libssl/src/crypto/ec/ec_asn1.c b/src/lib/libssl/src/crypto/ec/ec_asn1.c
index ef87b599f2..c54f6593d5 100644
--- a/src/lib/libssl/src/crypto/ec/ec_asn1.c
+++ b/src/lib/libssl/src/crypto/ec/ec_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_asn1.c,v 1.9 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ec_asn1.c,v 1.10 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -404,8 +404,8 @@ ec_asn1_group2fieldid(const EC_GROUP * group, X9_62_FIELDID * field)
404 404
405 ok = 1; 405 ok = 1;
406 406
407err: if (tmp) 407err:
408 BN_free(tmp); 408 BN_free(tmp);
409 return (ok); 409 return (ok);
410} 410}
411 411
@@ -509,12 +509,11 @@ ec_asn1_group2curve(const EC_GROUP * group, X9_62_CURVE * curve)
509 509
510 ok = 1; 510 ok = 1;
511 511
512err: free(buffer_1); 512err:
513 free(buffer_1);
513 free(buffer_2); 514 free(buffer_2);
514 if (tmp_1) 515 BN_free(tmp_1);
515 BN_free(tmp_1); 516 BN_free(tmp_2);
516 if (tmp_2)
517 BN_free(tmp_2);
518 return (ok); 517 return (ok);
519} 518}
520 519
@@ -608,8 +607,7 @@ err: if (!ok) {
608 ECPARAMETERS_free(ret); 607 ECPARAMETERS_free(ret);
609 ret = NULL; 608 ret = NULL;
610 } 609 }
611 if (tmp) 610 BN_free(tmp);
612 BN_free(tmp);
613 free(buffer); 611 free(buffer);
614 return (ret); 612 return (ret);
615} 613}
@@ -849,10 +847,8 @@ ec_asn1_parameters2group(const ECPARAMETERS * params)
849 } 847 }
850 /* extract the cofactor (optional) */ 848 /* extract the cofactor (optional) */
851 if (params->cofactor == NULL) { 849 if (params->cofactor == NULL) {
852 if (b) { 850 BN_free(b);
853 BN_free(b); 851 b = NULL;
854 b = NULL;
855 }
856 } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) { 852 } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) {
857 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB); 853 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
858 goto err; 854 goto err;
@@ -865,18 +861,13 @@ ec_asn1_parameters2group(const ECPARAMETERS * params)
865 ok = 1; 861 ok = 1;
866 862
867err: if (!ok) { 863err: if (!ok) {
868 if (ret) 864 EC_GROUP_clear_free(ret);
869 EC_GROUP_clear_free(ret);
870 ret = NULL; 865 ret = NULL;
871 } 866 }
872 if (p) 867 BN_free(p);
873 BN_free(p); 868 BN_free(a);
874 if (a) 869 BN_free(b);
875 BN_free(a); 870 EC_POINT_free(point);
876 if (b)
877 BN_free(b);
878 if (point)
879 EC_POINT_free(point);
880 return (ret); 871 return (ret);
881} 872}
882 873
@@ -992,8 +983,7 @@ d2i_ECPrivateKey(EC_KEY ** a, const unsigned char **in, long len)
992 ret = *a; 983 ret = *a;
993 984
994 if (priv_key->parameters) { 985 if (priv_key->parameters) {
995 if (ret->group) 986 EC_GROUP_clear_free(ret->group);
996 EC_GROUP_clear_free(ret->group);
997 ret->group = ec_asn1_pkparameters2group(priv_key->parameters); 987 ret->group = ec_asn1_pkparameters2group(priv_key->parameters);
998 } 988 }
999 if (ret->group == NULL) { 989 if (ret->group == NULL) {
@@ -1022,8 +1012,7 @@ d2i_ECPrivateKey(EC_KEY ** a, const unsigned char **in, long len)
1022 const unsigned char *pub_oct; 1012 const unsigned char *pub_oct;
1023 size_t pub_oct_len; 1013 size_t pub_oct_len;
1024 1014
1025 if (ret->pub_key) 1015 EC_POINT_clear_free(ret->pub_key);
1026 EC_POINT_clear_free(ret->pub_key);
1027 ret->pub_key = EC_POINT_new(ret->group); 1016 ret->pub_key = EC_POINT_new(ret->group);
1028 if (ret->pub_key == NULL) { 1017 if (ret->pub_key == NULL) {
1029 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); 1018 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
diff --git a/src/lib/libssl/src/crypto/ec/ec_check.c b/src/lib/libssl/src/crypto/ec/ec_check.c
index 585590514f..779e03cc2b 100644
--- a/src/lib/libssl/src/crypto/ec/ec_check.c
+++ b/src/lib/libssl/src/crypto/ec/ec_check.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_check.c,v 1.3 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ec_check.c,v 1.4 2014/07/12 16:03:37 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -109,9 +109,7 @@ EC_GROUP_check(const EC_GROUP * group, BN_CTX * ctx)
109err: 109err:
110 if (ctx != NULL) 110 if (ctx != NULL)
111 BN_CTX_end(ctx); 111 BN_CTX_end(ctx);
112 if (new_ctx != NULL) 112 BN_CTX_free(new_ctx);
113 BN_CTX_free(new_ctx); 113 EC_POINT_free(point);
114 if (point)
115 EC_POINT_free(point);
116 return ret; 114 return ret;
117} 115}
diff --git a/src/lib/libssl/src/crypto/ec/ec_curve.c b/src/lib/libssl/src/crypto/ec/ec_curve.c
index baac8c7156..9d36d0bf22 100644
--- a/src/lib/libssl/src/crypto/ec/ec_curve.c
+++ b/src/lib/libssl/src/crypto/ec/ec_curve.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_curve.c,v 1.6 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ec_curve.c,v 1.7 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -2981,22 +2981,14 @@ err:
2981 EC_GROUP_free(group); 2981 EC_GROUP_free(group);
2982 group = NULL; 2982 group = NULL;
2983 } 2983 }
2984 if (P) 2984 EC_POINT_free(P);
2985 EC_POINT_free(P); 2985 BN_CTX_free(ctx);
2986 if (ctx) 2986 BN_free(p);
2987 BN_CTX_free(ctx); 2987 BN_free(a);
2988 if (p) 2988 BN_free(b);
2989 BN_free(p); 2989 BN_free(order);
2990 if (a) 2990 BN_free(x);
2991 BN_free(a); 2991 BN_free(y);
2992 if (b)
2993 BN_free(b);
2994 if (order)
2995 BN_free(order);
2996 if (x)
2997 BN_free(x);
2998 if (y)
2999 BN_free(y);
3000 return group; 2992 return group;
3001} 2993}
3002 2994
diff --git a/src/lib/libssl/src/crypto/ec/ec_key.c b/src/lib/libssl/src/crypto/ec/ec_key.c
index 7067a949da..1154c4dbf5 100644
--- a/src/lib/libssl/src/crypto/ec/ec_key.c
+++ b/src/lib/libssl/src/crypto/ec/ec_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_key.c,v 1.8 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ec_key.c,v 1.9 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -116,12 +116,9 @@ EC_KEY_free(EC_KEY * r)
116 if (i > 0) 116 if (i > 0)
117 return; 117 return;
118 118
119 if (r->group != NULL) 119 EC_GROUP_free(r->group);
120 EC_GROUP_free(r->group); 120 EC_POINT_free(r->pub_key);
121 if (r->pub_key != NULL) 121 BN_clear_free(r->priv_key);
122 EC_POINT_free(r->pub_key);
123 if (r->priv_key != NULL)
124 BN_clear_free(r->priv_key);
125 122
126 EC_EX_DATA_free_all_data(&r->method_data); 123 EC_EX_DATA_free_all_data(&r->method_data);
127 124
@@ -143,8 +140,7 @@ EC_KEY_copy(EC_KEY * dest, const EC_KEY * src)
143 if (src->group) { 140 if (src->group) {
144 const EC_METHOD *meth = EC_GROUP_method_of(src->group); 141 const EC_METHOD *meth = EC_GROUP_method_of(src->group);
145 /* clear the old group */ 142 /* clear the old group */
146 if (dest->group) 143 EC_GROUP_free(dest->group);
147 EC_GROUP_free(dest->group);
148 dest->group = EC_GROUP_new(meth); 144 dest->group = EC_GROUP_new(meth);
149 if (dest->group == NULL) 145 if (dest->group == NULL)
150 return NULL; 146 return NULL;
@@ -153,8 +149,7 @@ EC_KEY_copy(EC_KEY * dest, const EC_KEY * src)
153 } 149 }
154 /* copy the public key */ 150 /* copy the public key */
155 if (src->pub_key && src->group) { 151 if (src->pub_key && src->group) {
156 if (dest->pub_key) 152 EC_POINT_free(dest->pub_key);
157 EC_POINT_free(dest->pub_key);
158 dest->pub_key = EC_POINT_new(src->group); 153 dest->pub_key = EC_POINT_new(src->group);
159 if (dest->pub_key == NULL) 154 if (dest->pub_key == NULL)
160 return NULL; 155 return NULL;
@@ -261,14 +256,12 @@ EC_KEY_generate_key(EC_KEY * eckey)
261 ok = 1; 256 ok = 1;
262 257
263err: 258err:
264 if (order) 259 BN_free(order);
265 BN_free(order);
266 if (pub_key != NULL && eckey->pub_key == NULL) 260 if (pub_key != NULL && eckey->pub_key == NULL)
267 EC_POINT_free(pub_key); 261 EC_POINT_free(pub_key);
268 if (priv_key != NULL && eckey->priv_key == NULL) 262 if (priv_key != NULL && eckey->priv_key == NULL)
269 BN_free(priv_key); 263 BN_free(priv_key);
270 if (ctx != NULL) 264 BN_CTX_free(ctx);
271 BN_CTX_free(ctx);
272 return (ok); 265 return (ok);
273} 266}
274 267
@@ -334,10 +327,8 @@ EC_KEY_check_key(const EC_KEY * eckey)
334 } 327 }
335 ok = 1; 328 ok = 1;
336err: 329err:
337 if (ctx != NULL) 330 BN_CTX_free(ctx);
338 BN_CTX_free(ctx); 331 EC_POINT_free(point);
339 if (point != NULL)
340 EC_POINT_free(point);
341 return (ok); 332 return (ok);
342} 333}
343 334
@@ -406,10 +397,8 @@ EC_KEY_set_public_key_affine_coordinates(EC_KEY * key, BIGNUM * x, BIGNUM * y)
406 ok = 1; 397 ok = 1;
407 398
408err: 399err:
409 if (ctx) 400 BN_CTX_free(ctx);
410 BN_CTX_free(ctx); 401 EC_POINT_free(point);
411 if (point)
412 EC_POINT_free(point);
413 return ok; 402 return ok;
414 403
415} 404}
@@ -423,8 +412,7 @@ EC_KEY_get0_group(const EC_KEY * key)
423int 412int
424EC_KEY_set_group(EC_KEY * key, const EC_GROUP * group) 413EC_KEY_set_group(EC_KEY * key, const EC_GROUP * group)
425{ 414{
426 if (key->group != NULL) 415 EC_GROUP_free(key->group);
427 EC_GROUP_free(key->group);
428 key->group = EC_GROUP_dup(group); 416 key->group = EC_GROUP_dup(group);
429 return (key->group == NULL) ? 0 : 1; 417 return (key->group == NULL) ? 0 : 1;
430} 418}
@@ -438,8 +426,7 @@ EC_KEY_get0_private_key(const EC_KEY * key)
438int 426int
439EC_KEY_set_private_key(EC_KEY * key, const BIGNUM * priv_key) 427EC_KEY_set_private_key(EC_KEY * key, const BIGNUM * priv_key)
440{ 428{
441 if (key->priv_key) 429 BN_clear_free(key->priv_key);
442 BN_clear_free(key->priv_key);
443 key->priv_key = BN_dup(priv_key); 430 key->priv_key = BN_dup(priv_key);
444 return (key->priv_key == NULL) ? 0 : 1; 431 return (key->priv_key == NULL) ? 0 : 1;
445} 432}
@@ -453,8 +440,7 @@ EC_KEY_get0_public_key(const EC_KEY * key)
453int 440int
454EC_KEY_set_public_key(EC_KEY * key, const EC_POINT * pub_key) 441EC_KEY_set_public_key(EC_KEY * key, const EC_POINT * pub_key)
455{ 442{
456 if (key->pub_key != NULL) 443 EC_POINT_free(key->pub_key);
457 EC_POINT_free(key->pub_key);
458 key->pub_key = EC_POINT_dup(pub_key, key->group); 444 key->pub_key = EC_POINT_dup(pub_key, key->group);
459 return (key->pub_key == NULL) ? 0 : 1; 445 return (key->pub_key == NULL) ? 0 : 1;
460} 446}
diff --git a/src/lib/libssl/src/crypto/ec/ec_lib.c b/src/lib/libssl/src/crypto/ec/ec_lib.c
index 3d8b96eb1f..47ccc614d1 100644
--- a/src/lib/libssl/src/crypto/ec/ec_lib.c
+++ b/src/lib/libssl/src/crypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_lib.c,v 1.14 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ec_lib.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller for the OpenSSL project. 3 * Originally written by Bodo Moeller for the OpenSSL project.
4 */ 4 */
@@ -124,8 +124,7 @@ EC_GROUP_free(EC_GROUP * group)
124 124
125 EC_EX_DATA_free_all_data(&group->extra_data); 125 EC_EX_DATA_free_all_data(&group->extra_data);
126 126
127 if (group->generator != NULL) 127 EC_POINT_free(group->generator);
128 EC_POINT_free(group->generator);
129 BN_free(&group->order); 128 BN_free(&group->order);
130 BN_free(&group->cofactor); 129 BN_free(&group->cofactor);
131 130
@@ -148,8 +147,7 @@ EC_GROUP_clear_free(EC_GROUP * group)
148 147
149 EC_EX_DATA_clear_free_all_data(&group->extra_data); 148 EC_EX_DATA_clear_free_all_data(&group->extra_data);
150 149
151 if (group->generator != NULL) 150 EC_POINT_clear_free(group->generator);
152 EC_POINT_clear_free(group->generator);
153 BN_clear_free(&group->order); 151 BN_clear_free(&group->order);
154 BN_clear_free(&group->cofactor); 152 BN_clear_free(&group->cofactor);
155 153
@@ -200,10 +198,8 @@ EC_GROUP_copy(EC_GROUP * dest, const EC_GROUP * src)
200 return 0; 198 return 0;
201 } else { 199 } else {
202 /* src->generator == NULL */ 200 /* src->generator == NULL */
203 if (dest->generator != NULL) { 201 EC_POINT_clear_free(dest->generator);
204 EC_POINT_clear_free(dest->generator); 202 dest->generator = NULL;
205 dest->generator = NULL;
206 }
207 } 203 }
208 204
209 if (!BN_copy(&dest->order, &src->order)) 205 if (!BN_copy(&dest->order, &src->order))
@@ -252,8 +248,7 @@ EC_GROUP_dup(const EC_GROUP * a)
252 248
253err: 249err:
254 if (!ok) { 250 if (!ok) {
255 if (t) 251 EC_GROUP_free(t);
256 EC_GROUP_free(t);
257 return NULL; 252 return NULL;
258 } else 253 } else
259 return t; 254 return t;
diff --git a/src/lib/libssl/src/crypto/ec/ec_mult.c b/src/lib/libssl/src/crypto/ec/ec_mult.c
index b6f74a1b09..4e49ce4f7b 100644
--- a/src/lib/libssl/src/crypto/ec/ec_mult.c
+++ b/src/lib/libssl/src/crypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_mult.c,v 1.13 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ec_mult.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. 3 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -679,10 +679,8 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
679 ret = 1; 679 ret = 1;
680 680
681err: 681err:
682 if (new_ctx != NULL) 682 BN_CTX_free(new_ctx);
683 BN_CTX_free(new_ctx); 683 EC_POINT_free(tmp);
684 if (tmp != NULL)
685 EC_POINT_free(tmp);
686 free(wsize); 684 free(wsize);
687 free(wNAF_len); 685 free(wNAF_len);
688 if (wNAF != NULL) { 686 if (wNAF != NULL) {
@@ -862,10 +860,8 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
862err: 860err:
863 if (ctx != NULL) 861 if (ctx != NULL)
864 BN_CTX_end(ctx); 862 BN_CTX_end(ctx);
865 if (new_ctx != NULL) 863 BN_CTX_free(new_ctx);
866 BN_CTX_free(new_ctx); 864 ec_pre_comp_free(pre_comp);
867 if (pre_comp)
868 ec_pre_comp_free(pre_comp);
869 if (points) { 865 if (points) {
870 EC_POINT **p; 866 EC_POINT **p;
871 867
@@ -873,10 +869,8 @@ err:
873 EC_POINT_free(*p); 869 EC_POINT_free(*p);
874 free(points); 870 free(points);
875 } 871 }
876 if (tmp_point) 872 EC_POINT_free(tmp_point);
877 EC_POINT_free(tmp_point); 873 EC_POINT_free(base);
878 if (base)
879 EC_POINT_free(base);
880 return ret; 874 return ret;
881} 875}
882 876
diff --git a/src/lib/libssl/src/crypto/ec/ec_pmeth.c b/src/lib/libssl/src/crypto/ec/ec_pmeth.c
index 7ba1d50d7f..07933dc5fd 100644
--- a/src/lib/libssl/src/crypto/ec/ec_pmeth.c
+++ b/src/lib/libssl/src/crypto/ec/ec_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_pmeth.c,v 1.7 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: ec_pmeth.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -114,8 +114,7 @@ pkey_ec_cleanup(EVP_PKEY_CTX * ctx)
114{ 114{
115 EC_PKEY_CTX *dctx = ctx->data; 115 EC_PKEY_CTX *dctx = ctx->data;
116 if (dctx) { 116 if (dctx) {
117 if (dctx->gen_group) 117 EC_GROUP_free(dctx->gen_group);
118 EC_GROUP_free(dctx->gen_group);
119 free(dctx); 118 free(dctx);
120 } 119 }
121} 120}
@@ -213,8 +212,7 @@ pkey_ec_ctrl(EVP_PKEY_CTX * ctx, int type, int p1, void *p2)
213 ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_CURVE); 212 ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_CURVE);
214 return 0; 213 return 0;
215 } 214 }
216 if (dctx->gen_group) 215 EC_GROUP_free(dctx->gen_group);
217 EC_GROUP_free(dctx->gen_group);
218 dctx->gen_group = group; 216 dctx->gen_group = group;
219 return 1; 217 return 1;
220 218
diff --git a/src/lib/libssl/src/crypto/ec/eck_prn.c b/src/lib/libssl/src/crypto/ec/eck_prn.c
index b0c8bcd22a..aa13d8b08c 100644
--- a/src/lib/libssl/src/crypto/ec/eck_prn.c
+++ b/src/lib/libssl/src/crypto/ec/eck_prn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eck_prn.c,v 1.9 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: eck_prn.c,v 1.10 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -315,20 +315,13 @@ ECPKParameters_print(BIO * bp, const EC_GROUP * x, int off)
315err: 315err:
316 if (!ret) 316 if (!ret)
317 ECerr(EC_F_ECPKPARAMETERS_PRINT, reason); 317 ECerr(EC_F_ECPKPARAMETERS_PRINT, reason);
318 if (p) 318 BN_free(p);
319 BN_free(p); 319 BN_free(a);
320 if (a) 320 BN_free(b);
321 BN_free(a); 321 BN_free(gen);
322 if (b) 322 BN_free(order);
323 BN_free(b); 323 BN_free(cofactor);
324 if (gen) 324 BN_CTX_free(ctx);
325 BN_free(gen);
326 if (order)
327 BN_free(order);
328 if (cofactor)
329 BN_free(cofactor);
330 if (ctx)
331 BN_CTX_free(ctx);
332 free(buffer); 325 free(buffer);
333 return (ret); 326 return (ret);
334} 327}
diff --git a/src/lib/libssl/src/crypto/ec/ecp_mont.c b/src/lib/libssl/src/crypto/ec/ecp_mont.c
index ffbce81d4c..af8014ed38 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_mont.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_mont.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_mont.c,v 1.8 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ecp_mont.c,v 1.9 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Originally written by Bodo Moeller for the OpenSSL project. 3 * Originally written by Bodo Moeller for the OpenSSL project.
4 */ 4 */
@@ -128,14 +128,10 @@ ec_GFp_mont_group_init(EC_GROUP * group)
128void 128void
129ec_GFp_mont_group_finish(EC_GROUP * group) 129ec_GFp_mont_group_finish(EC_GROUP * group)
130{ 130{
131 if (group->field_data1 != NULL) { 131 BN_MONT_CTX_free(group->field_data1);
132 BN_MONT_CTX_free(group->field_data1); 132 group->field_data1 = NULL;
133 group->field_data1 = NULL; 133 BN_free(group->field_data2);
134 } 134 group->field_data2 = NULL;
135 if (group->field_data2 != NULL) {
136 BN_free(group->field_data2);
137 group->field_data2 = NULL;
138 }
139 ec_GFp_simple_group_finish(group); 135 ec_GFp_simple_group_finish(group);
140} 136}
141 137
@@ -143,14 +139,10 @@ ec_GFp_mont_group_finish(EC_GROUP * group)
143void 139void
144ec_GFp_mont_group_clear_finish(EC_GROUP * group) 140ec_GFp_mont_group_clear_finish(EC_GROUP * group)
145{ 141{
146 if (group->field_data1 != NULL) { 142 BN_MONT_CTX_free(group->field_data1);
147 BN_MONT_CTX_free(group->field_data1); 143 group->field_data1 = NULL;
148 group->field_data1 = NULL; 144 BN_clear_free(group->field_data2);
149 } 145 group->field_data2 = NULL;
150 if (group->field_data2 != NULL) {
151 BN_clear_free(group->field_data2);
152 group->field_data2 = NULL;
153 }
154 ec_GFp_simple_group_clear_finish(group); 146 ec_GFp_simple_group_clear_finish(group);
155} 147}
156 148
@@ -158,14 +150,11 @@ ec_GFp_mont_group_clear_finish(EC_GROUP * group)
158int 150int
159ec_GFp_mont_group_copy(EC_GROUP * dest, const EC_GROUP * src) 151ec_GFp_mont_group_copy(EC_GROUP * dest, const EC_GROUP * src)
160{ 152{
161 if (dest->field_data1 != NULL) { 153 BN_MONT_CTX_free(dest->field_data1);
162 BN_MONT_CTX_free(dest->field_data1); 154 dest->field_data1 = NULL;
163 dest->field_data1 = NULL; 155 BN_clear_free(dest->field_data2);
164 } 156 dest->field_data2 = NULL;
165 if (dest->field_data2 != NULL) { 157
166 BN_clear_free(dest->field_data2);
167 dest->field_data2 = NULL;
168 }
169 if (!ec_GFp_simple_group_copy(dest, src)) 158 if (!ec_GFp_simple_group_copy(dest, src))
170 return 0; 159 return 0;
171 160
@@ -201,14 +190,10 @@ ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
201 BIGNUM *one = NULL; 190 BIGNUM *one = NULL;
202 int ret = 0; 191 int ret = 0;
203 192
204 if (group->field_data1 != NULL) { 193 BN_MONT_CTX_free(group->field_data1);
205 BN_MONT_CTX_free(group->field_data1); 194 group->field_data1 = NULL;
206 group->field_data1 = NULL; 195 BN_free(group->field_data2);
207 } 196 group->field_data2 = NULL;
208 if (group->field_data2 != NULL) {
209 BN_free(group->field_data2);
210 group->field_data2 = NULL;
211 }
212 if (ctx == NULL) { 197 if (ctx == NULL) {
213 ctx = new_ctx = BN_CTX_new(); 198 ctx = new_ctx = BN_CTX_new();
214 if (ctx == NULL) 199 if (ctx == NULL)
@@ -241,10 +226,8 @@ ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
241 group->field_data2 = NULL; 226 group->field_data2 = NULL;
242 } 227 }
243err: 228err:
244 if (new_ctx != NULL) 229 BN_CTX_free(new_ctx);
245 BN_CTX_free(new_ctx); 230 BN_MONT_CTX_free(mont);
246 if (mont != NULL)
247 BN_MONT_CTX_free(mont);
248 return ret; 231 return ret;
249} 232}
250 233
diff --git a/src/lib/libssl/src/crypto/ec/ecp_nist.c b/src/lib/libssl/src/crypto/ec/ecp_nist.c
index d49d1735f3..a33f9d9e39 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_nist.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_nist.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_nist.c,v 1.8 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ecp_nist.c,v 1.9 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -153,8 +153,7 @@ ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p,
153 153
154err: 154err:
155 BN_CTX_end(ctx); 155 BN_CTX_end(ctx);
156 if (new_ctx != NULL) 156 BN_CTX_free(new_ctx);
157 BN_CTX_free(new_ctx);
158 return ret; 157 return ret;
159} 158}
160 159
@@ -181,8 +180,7 @@ ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
181 180
182 ret = 1; 181 ret = 1;
183err: 182err:
184 if (ctx_new) 183 BN_CTX_free(ctx_new);
185 BN_CTX_free(ctx_new);
186 return ret; 184 return ret;
187} 185}
188 186
@@ -209,7 +207,6 @@ ec_GFp_nist_field_sqr(const EC_GROUP * group, BIGNUM * r, const BIGNUM * a,
209 207
210 ret = 1; 208 ret = 1;
211err: 209err:
212 if (ctx_new) 210 BN_CTX_free(ctx_new);
213 BN_CTX_free(ctx_new);
214 return ret; 211 return ret;
215} 212}
diff --git a/src/lib/libssl/src/crypto/ec/ecp_nistp224.c b/src/lib/libssl/src/crypto/ec/ecp_nistp224.c
index c466d2db83..ed0bad2a72 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_nistp224.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_nistp224.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_nistp224.c,v 1.14 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ecp_nistp224.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Emilia Kasper (Google) for the OpenSSL project. 3 * Written by Emilia Kasper (Google) for the OpenSSL project.
4 */ 4 */
@@ -1285,8 +1285,7 @@ ec_GFp_nistp224_group_set_curve(EC_GROUP * group, const BIGNUM * p,
1285 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); 1285 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
1286err: 1286err:
1287 BN_CTX_end(ctx); 1287 BN_CTX_end(ctx);
1288 if (new_ctx != NULL) 1288 BN_CTX_free(new_ctx);
1289 BN_CTX_free(new_ctx);
1290 return ret; 1289 return ret;
1291} 1290}
1292 1291
@@ -1545,10 +1544,8 @@ ec_GFp_nistp224_points_mul(const EC_GROUP * group, EC_POINT * r,
1545 1544
1546err: 1545err:
1547 BN_CTX_end(ctx); 1546 BN_CTX_end(ctx);
1548 if (generator != NULL) 1547 EC_POINT_free(generator);
1549 EC_POINT_free(generator); 1548 BN_CTX_free(new_ctx);
1550 if (new_ctx != NULL)
1551 BN_CTX_free(new_ctx);
1552 free(secrets); 1549 free(secrets);
1553 free(pre_comp); 1550 free(pre_comp);
1554 free(tmp_felems); 1551 free(tmp_felems);
@@ -1676,12 +1673,9 @@ ec_GFp_nistp224_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
1676 pre = NULL; 1673 pre = NULL;
1677err: 1674err:
1678 BN_CTX_end(ctx); 1675 BN_CTX_end(ctx);
1679 if (generator != NULL) 1676 EC_POINT_free(generator);
1680 EC_POINT_free(generator); 1677 BN_CTX_free(new_ctx);
1681 if (new_ctx != NULL) 1678 nistp224_pre_comp_free(pre);
1682 BN_CTX_free(new_ctx);
1683 if (pre)
1684 nistp224_pre_comp_free(pre);
1685 return ret; 1679 return ret;
1686} 1680}
1687 1681
diff --git a/src/lib/libssl/src/crypto/ec/ecp_nistp256.c b/src/lib/libssl/src/crypto/ec/ecp_nistp256.c
index 7b122e6307..6905b614bc 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_nistp256.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_nistp256.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_nistp256.c,v 1.13 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ecp_nistp256.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Adam Langley (Google) for the OpenSSL project 3 * Written by Adam Langley (Google) for the OpenSSL project
4 */ 4 */
@@ -1834,8 +1834,7 @@ ec_GFp_nistp256_group_set_curve(EC_GROUP * group, const BIGNUM * p,
1834 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); 1834 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
1835err: 1835err:
1836 BN_CTX_end(ctx); 1836 BN_CTX_end(ctx);
1837 if (new_ctx != NULL) 1837 BN_CTX_free(new_ctx);
1838 BN_CTX_free(new_ctx);
1839 return ret; 1838 return ret;
1840} 1839}
1841 1840
@@ -2098,10 +2097,8 @@ ec_GFp_nistp256_points_mul(const EC_GROUP * group, EC_POINT * r,
2098 2097
2099err: 2098err:
2100 BN_CTX_end(ctx); 2099 BN_CTX_end(ctx);
2101 if (generator != NULL) 2100 EC_POINT_free(generator);
2102 EC_POINT_free(generator); 2101 BN_CTX_free(new_ctx);
2103 if (new_ctx != NULL)
2104 BN_CTX_free(new_ctx);
2105 free(secrets); 2102 free(secrets);
2106 free(pre_comp); 2103 free(pre_comp);
2107 free(tmp_smallfelems); 2104 free(tmp_smallfelems);
@@ -2223,12 +2220,9 @@ ec_GFp_nistp256_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
2223 pre = NULL; 2220 pre = NULL;
2224err: 2221err:
2225 BN_CTX_end(ctx); 2222 BN_CTX_end(ctx);
2226 if (generator != NULL) 2223 EC_POINT_free(generator);
2227 EC_POINT_free(generator); 2224 BN_CTX_free(new_ctx);
2228 if (new_ctx != NULL) 2225 nistp256_pre_comp_free(pre);
2229 BN_CTX_free(new_ctx);
2230 if (pre)
2231 nistp256_pre_comp_free(pre);
2232 return ret; 2226 return ret;
2233} 2227}
2234 2228
diff --git a/src/lib/libssl/src/crypto/ec/ecp_nistp521.c b/src/lib/libssl/src/crypto/ec/ecp_nistp521.c
index cec0a3b470..c9313ada8e 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_nistp521.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_nistp521.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_nistp521.c,v 1.14 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ecp_nistp521.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Adam Langley (Google) for the OpenSSL project 3 * Written by Adam Langley (Google) for the OpenSSL project
4 */ 4 */
@@ -1725,8 +1725,7 @@ ec_GFp_nistp521_group_set_curve(EC_GROUP * group, const BIGNUM * p,
1725 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); 1725 ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
1726err: 1726err:
1727 BN_CTX_end(ctx); 1727 BN_CTX_end(ctx);
1728 if (new_ctx != NULL) 1728 BN_CTX_free(new_ctx);
1729 BN_CTX_free(new_ctx);
1730 return ret; 1729 return ret;
1731} 1730}
1732 1731
@@ -1985,10 +1984,8 @@ ec_GFp_nistp521_points_mul(const EC_GROUP * group, EC_POINT * r,
1985 1984
1986err: 1985err:
1987 BN_CTX_end(ctx); 1986 BN_CTX_end(ctx);
1988 if (generator != NULL) 1987 EC_POINT_free(generator);
1989 EC_POINT_free(generator); 1988 BN_CTX_free(new_ctx);
1990 if (new_ctx != NULL)
1991 BN_CTX_free(new_ctx);
1992 free(secrets); 1989 free(secrets);
1993 free(pre_comp); 1990 free(pre_comp);
1994 free(tmp_felems); 1991 free(tmp_felems);
@@ -2096,12 +2093,9 @@ ec_GFp_nistp521_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
2096 pre = NULL; 2093 pre = NULL;
2097err: 2094err:
2098 BN_CTX_end(ctx); 2095 BN_CTX_end(ctx);
2099 if (generator != NULL) 2096 EC_POINT_free(generator);
2100 EC_POINT_free(generator); 2097 BN_CTX_free(new_ctx);
2101 if (new_ctx != NULL) 2098 nistp521_pre_comp_free(pre);
2102 BN_CTX_free(new_ctx);
2103 if (pre)
2104 nistp521_pre_comp_free(pre);
2105 return ret; 2099 return ret;
2106} 2100}
2107 2101
diff --git a/src/lib/libssl/src/crypto/ec/ecp_oct.c b/src/lib/libssl/src/crypto/ec/ecp_oct.c
index 2f2920d70d..d2402ee0d8 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_oct.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_oct.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_oct.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ecp_oct.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * for the OpenSSL project. 3 * for the OpenSSL project.
4 * Includes code written by Bodo Moeller for the OpenSSL project. 4 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -190,8 +190,7 @@ ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * poin
190 190
191err: 191err:
192 BN_CTX_end(ctx); 192 BN_CTX_end(ctx);
193 if (new_ctx != NULL) 193 BN_CTX_free(new_ctx);
194 BN_CTX_free(new_ctx);
195 return ret; 194 return ret;
196} 195}
197 196
@@ -290,15 +289,13 @@ ec_GFp_simple_point2oct(const EC_GROUP * group, const EC_POINT * point, point_co
290 } 289 }
291 if (used_ctx) 290 if (used_ctx)
292 BN_CTX_end(ctx); 291 BN_CTX_end(ctx);
293 if (new_ctx != NULL) 292 BN_CTX_free(new_ctx);
294 BN_CTX_free(new_ctx);
295 return ret; 293 return ret;
296 294
297err: 295err:
298 if (used_ctx) 296 if (used_ctx)
299 BN_CTX_end(ctx); 297 BN_CTX_end(ctx);
300 if (new_ctx != NULL) 298 BN_CTX_free(new_ctx);
301 BN_CTX_free(new_ctx);
302 return 0; 299 return 0;
303} 300}
304 301
@@ -391,7 +388,6 @@ ec_GFp_simple_oct2point(const EC_GROUP * group, EC_POINT * point,
391 388
392err: 389err:
393 BN_CTX_end(ctx); 390 BN_CTX_end(ctx);
394 if (new_ctx != NULL) 391 BN_CTX_free(new_ctx);
395 BN_CTX_free(new_ctx);
396 return ret; 392 return ret;
397} 393}
diff --git a/src/lib/libssl/src/crypto/ec/ecp_smpl.c b/src/lib/libssl/src/crypto/ec/ecp_smpl.c
index 5ba9a925d6..dabc5af899 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_smpl.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_smpl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_smpl.c,v 1.12 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: ecp_smpl.c,v 1.13 2014/07/12 16:03:37 miod Exp $ */
2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * for the OpenSSL project. 3 * for the OpenSSL project.
4 * Includes code written by Bodo Moeller for the OpenSSL project. 4 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -222,8 +222,7 @@ ec_GFp_simple_group_set_curve(EC_GROUP * group,
222 222
223err: 223err:
224 BN_CTX_end(ctx); 224 BN_CTX_end(ctx);
225 if (new_ctx != NULL) 225 BN_CTX_free(new_ctx);
226 BN_CTX_free(new_ctx);
227 return ret; 226 return ret;
228} 227}
229 228
@@ -267,8 +266,7 @@ ec_GFp_simple_group_get_curve(const EC_GROUP * group, BIGNUM * p, BIGNUM * a, BI
267 ret = 1; 266 ret = 1;
268 267
269err: 268err:
270 if (new_ctx) 269 BN_CTX_free(new_ctx);
271 BN_CTX_free(new_ctx);
272 return ret; 270 return ret;
273} 271}
274 272
@@ -348,8 +346,7 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx)
348err: 346err:
349 if (ctx != NULL) 347 if (ctx != NULL)
350 BN_CTX_end(ctx); 348 BN_CTX_end(ctx);
351 if (new_ctx != NULL) 349 BN_CTX_free(new_ctx);
352 BN_CTX_free(new_ctx);
353 return ret; 350 return ret;
354} 351}
355 352
@@ -457,8 +454,7 @@ ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP * group, EC_POINT *
457 ret = 1; 454 ret = 1;
458 455
459err: 456err:
460 if (new_ctx != NULL) 457 BN_CTX_free(new_ctx);
461 BN_CTX_free(new_ctx);
462 return ret; 458 return ret;
463} 459}
464 460
@@ -506,8 +502,7 @@ ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP * group, const EC_P
506 ret = 1; 502 ret = 1;
507 503
508err: 504err:
509 if (new_ctx != NULL) 505 BN_CTX_free(new_ctx);
510 BN_CTX_free(new_ctx);
511 return ret; 506 return ret;
512} 507}
513 508
@@ -626,8 +621,7 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP * group, const EC_POIN
626 621
627err: 622err:
628 BN_CTX_end(ctx); 623 BN_CTX_end(ctx);
629 if (new_ctx != NULL) 624 BN_CTX_free(new_ctx);
630 BN_CTX_free(new_ctx);
631 return ret; 625 return ret;
632} 626}
633 627
@@ -810,8 +804,7 @@ ec_GFp_simple_add(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, cons
810end: 804end:
811 if (ctx) /* otherwise we already called BN_CTX_end */ 805 if (ctx) /* otherwise we already called BN_CTX_end */
812 BN_CTX_end(ctx); 806 BN_CTX_end(ctx);
813 if (new_ctx != NULL) 807 BN_CTX_free(new_ctx);
814 BN_CTX_free(new_ctx);
815 return ret; 808 return ret;
816} 809}
817 810
@@ -951,8 +944,7 @@ ec_GFp_simple_dbl(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, BN_C
951 944
952err: 945err:
953 BN_CTX_end(ctx); 946 BN_CTX_end(ctx);
954 if (new_ctx != NULL) 947 BN_CTX_free(new_ctx);
955 BN_CTX_free(new_ctx);
956 return ret; 948 return ret;
957} 949}
958 950
@@ -1071,8 +1063,7 @@ ec_GFp_simple_is_on_curve(const EC_GROUP * group, const EC_POINT * point, BN_CTX
1071 1063
1072err: 1064err:
1073 BN_CTX_end(ctx); 1065 BN_CTX_end(ctx);
1074 if (new_ctx != NULL) 1066 BN_CTX_free(new_ctx);
1075 BN_CTX_free(new_ctx);
1076 return ret; 1067 return ret;
1077} 1068}
1078 1069
@@ -1172,8 +1163,7 @@ ec_GFp_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b
1172 1163
1173end: 1164end:
1174 BN_CTX_end(ctx); 1165 BN_CTX_end(ctx);
1175 if (new_ctx != NULL) 1166 BN_CTX_free(new_ctx);
1176 BN_CTX_free(new_ctx);
1177 return ret; 1167 return ret;
1178} 1168}
1179 1169
@@ -1211,8 +1201,7 @@ ec_GFp_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ctx
1211 1201
1212err: 1202err:
1213 BN_CTX_end(ctx); 1203 BN_CTX_end(ctx);
1214 if (new_ctx != NULL) 1204 BN_CTX_free(new_ctx);
1215 BN_CTX_free(new_ctx);
1216 return ret; 1205 return ret;
1217} 1206}
1218 1207
@@ -1377,16 +1366,14 @@ ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT *
1377 1366
1378err: 1367err:
1379 BN_CTX_end(ctx); 1368 BN_CTX_end(ctx);
1380 if (new_ctx != NULL) 1369 BN_CTX_free(new_ctx);
1381 BN_CTX_free(new_ctx);
1382 if (heap != NULL) { 1370 if (heap != NULL) {
1383 /* 1371 /*
1384 * heap[pow2/2] .. heap[pow2-1] have not been allocated 1372 * heap[pow2/2] .. heap[pow2-1] have not been allocated
1385 * locally! 1373 * locally!
1386 */ 1374 */
1387 for (i = pow2 / 2 - 1; i > 0; i--) { 1375 for (i = pow2 / 2 - 1; i > 0; i--) {
1388 if (heap[i] != NULL) 1376 BN_clear_free(heap[i]);
1389 BN_clear_free(heap[i]);
1390 } 1377 }
1391 free(heap); 1378 free(heap);
1392 } 1379 }
diff --git a/src/lib/libssl/src/crypto/ecdh/ech_ossl.c b/src/lib/libssl/src/crypto/ecdh/ech_ossl.c
index d82ace3670..ee130edeee 100644
--- a/src/lib/libssl/src/crypto/ecdh/ech_ossl.c
+++ b/src/lib/libssl/src/crypto/ecdh/ech_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_ossl.c,v 1.7 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: ech_ossl.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -201,9 +201,10 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
201 } 201 }
202 202
203err: 203err:
204 if (tmp) EC_POINT_free(tmp); 204 EC_POINT_free(tmp);
205 if (ctx) BN_CTX_end(ctx); 205 if (ctx)
206 if (ctx) BN_CTX_free(ctx); 206 BN_CTX_end(ctx);
207 BN_CTX_free(ctx);
207 free(buf); 208 free(buf);
208 return(ret); 209 return(ret);
209 } 210 }
diff --git a/src/lib/libssl/src/crypto/ecdsa/ecs_ossl.c b/src/lib/libssl/src/crypto/ecdsa/ecs_ossl.c
index e2c4b1d6d1..0dde5386ff 100644
--- a/src/lib/libssl/src/crypto/ecdsa/ecs_ossl.c
+++ b/src/lib/libssl/src/crypto/ecdsa/ecs_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecs_ossl.c,v 1.4 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: ecs_ossl.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project 3 * Written by Nils Larsch for the OpenSSL project
4 */ 4 */
@@ -189,28 +189,22 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
189 goto err; 189 goto err;
190 } 190 }
191 /* clear old values if necessary */ 191 /* clear old values if necessary */
192 if (*rp != NULL) 192 BN_clear_free(*rp);
193 BN_clear_free(*rp); 193 BN_clear_free(*kinvp);
194 if (*kinvp != NULL)
195 BN_clear_free(*kinvp);
196 /* save the pre-computed values */ 194 /* save the pre-computed values */
197 *rp = r; 195 *rp = r;
198 *kinvp = k; 196 *kinvp = k;
199 ret = 1; 197 ret = 1;
200err: 198err:
201 if (!ret) 199 if (!ret) {
202 { 200 BN_clear_free(k);
203 if (k != NULL) BN_clear_free(k); 201 BN_clear_free(r);
204 if (r != NULL) BN_clear_free(r);
205 } 202 }
206 if (ctx_in == NULL) 203 if (ctx_in == NULL)
207 BN_CTX_free(ctx); 204 BN_CTX_free(ctx);
208 if (order != NULL) 205 BN_free(order);
209 BN_free(order); 206 EC_POINT_free(tmp_point);
210 if (tmp_point != NULL) 207 BN_clear_free(X);
211 EC_POINT_free(tmp_point);
212 if (X)
213 BN_clear_free(X);
214 return(ret); 208 return(ret);
215} 209}
216 210
@@ -333,16 +327,11 @@ err:
333 ECDSA_SIG_free(ret); 327 ECDSA_SIG_free(ret);
334 ret = NULL; 328 ret = NULL;
335 } 329 }
336 if (ctx) 330 BN_CTX_free(ctx);
337 BN_CTX_free(ctx); 331 BN_clear_free(m);
338 if (m) 332 BN_clear_free(tmp);
339 BN_clear_free(m); 333 BN_free(order);
340 if (tmp) 334 BN_clear_free(kinv);
341 BN_clear_free(tmp);
342 if (order)
343 BN_free(order);
344 if (kinv)
345 BN_clear_free(kinv);
346 return ret; 335 return ret;
347} 336}
348 337
@@ -473,7 +462,6 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
473err: 462err:
474 BN_CTX_end(ctx); 463 BN_CTX_end(ctx);
475 BN_CTX_free(ctx); 464 BN_CTX_free(ctx);
476 if (point) 465 EC_POINT_free(point);
477 EC_POINT_free(point);
478 return ret; 466 return ret;
479} 467}
diff --git a/src/lib/libssl/src/crypto/engine/eng_rsax.c b/src/lib/libssl/src/crypto/engine/eng_rsax.c
index daeb7e6ebb..358dac2088 100644
--- a/src/lib/libssl/src/crypto/engine/eng_rsax.c
+++ b/src/lib/libssl/src/crypto/engine/eng_rsax.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_rsax.c,v 1.9 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: eng_rsax.c,v 1.10 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (c) 2010-2010 Intel Corp. 2/* Copyright (c) 2010-2010 Intel Corp.
3 * Author: Vinodh.Gopal@intel.com 3 * Author: Vinodh.Gopal@intel.com
4 * Jim Guilford 4 * Jim Guilford
@@ -307,12 +307,9 @@ e_rsax_rsa_finish(RSA *rsa)
307 free(hptr); 307 free(hptr);
308 RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL); 308 RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL);
309 } 309 }
310 if (rsa->_method_mod_n) 310 BN_MONT_CTX_free(rsa->_method_mod_n);
311 BN_MONT_CTX_free(rsa->_method_mod_n); 311 BN_MONT_CTX_free(rsa->_method_mod_p);
312 if (rsa->_method_mod_p) 312 BN_MONT_CTX_free(rsa->_method_mod_q);
313 BN_MONT_CTX_free(rsa->_method_mod_p);
314 if (rsa->_method_mod_q)
315 BN_MONT_CTX_free(rsa->_method_mod_q);
316 return 1; 313 return 1;
317} 314}
318 315
diff --git a/src/lib/libssl/src/crypto/evp/digest.c b/src/lib/libssl/src/crypto/evp/digest.c
index 9a4b1a6293..d582d7954e 100644
--- a/src/lib/libssl/src/crypto/evp/digest.c
+++ b/src/lib/libssl/src/crypto/evp/digest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: digest.c,v 1.21 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: digest.c,v 1.22 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -358,8 +358,7 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
358 OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size); 358 OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
359 free(ctx->md_data); 359 free(ctx->md_data);
360 } 360 }
361 if (ctx->pctx) 361 EVP_PKEY_CTX_free(ctx->pctx);
362 EVP_PKEY_CTX_free(ctx->pctx);
363#ifndef OPENSSL_NO_ENGINE 362#ifndef OPENSSL_NO_ENGINE
364 if (ctx->engine) 363 if (ctx->engine)
365 /* The EVP_MD we used belongs to an ENGINE, release the 364 /* The EVP_MD we used belongs to an ENGINE, release the
diff --git a/src/lib/libssl/src/crypto/evp/evp_pkey.c b/src/lib/libssl/src/crypto/evp/evp_pkey.c
index cf7a39be7b..38a324558f 100644
--- a/src/lib/libssl/src/crypto/evp/evp_pkey.c
+++ b/src/lib/libssl/src/crypto/evp/evp_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_pkey.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: evp_pkey.c,v 1.17 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -104,7 +104,7 @@ EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
104 return pkey; 104 return pkey;
105 105
106error: 106error:
107 EVP_PKEY_free (pkey); 107 EVP_PKEY_free(pkey);
108 return NULL; 108 return NULL;
109} 109}
110 110
diff --git a/src/lib/libssl/src/crypto/evp/pmeth_fn.c b/src/lib/libssl/src/crypto/evp/pmeth_fn.c
index c4a53b0d5f..4cf18a0be1 100644
--- a/src/lib/libssl/src/crypto/evp/pmeth_fn.c
+++ b/src/lib/libssl/src/crypto/evp/pmeth_fn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pmeth_fn.c,v 1.4 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: pmeth_fn.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -331,8 +331,7 @@ EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
331 return -1; 331 return -1;
332 } 332 }
333 333
334 if (ctx->peerkey) 334 EVP_PKEY_free(ctx->peerkey);
335 EVP_PKEY_free(ctx->peerkey);
336 ctx->peerkey = peer; 335 ctx->peerkey = peer;
337 336
338 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer); 337 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
diff --git a/src/lib/libssl/src/crypto/evp/pmeth_gn.c b/src/lib/libssl/src/crypto/evp/pmeth_gn.c
index 9eb10d4874..29f533625a 100644
--- a/src/lib/libssl/src/crypto/evp/pmeth_gn.c
+++ b/src/lib/libssl/src/crypto/evp/pmeth_gn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pmeth_gn.c,v 1.4 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: pmeth_gn.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -222,7 +222,6 @@ EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen)
222 goto merr; 222 goto merr;
223 223
224merr: 224merr:
225 if (mac_ctx) 225 EVP_PKEY_CTX_free(mac_ctx);
226 EVP_PKEY_CTX_free(mac_ctx);
227 return mac_key; 226 return mac_key;
228} 227}
diff --git a/src/lib/libssl/src/crypto/evp/pmeth_lib.c b/src/lib/libssl/src/crypto/evp/pmeth_lib.c
index c9c3444a13..12267a6d93 100644
--- a/src/lib/libssl/src/crypto/evp/pmeth_lib.c
+++ b/src/lib/libssl/src/crypto/evp/pmeth_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pmeth_lib.c,v 1.8 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: pmeth_lib.c,v 1.9 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -371,10 +371,8 @@ EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
371 return; 371 return;
372 if (ctx->pmeth && ctx->pmeth->cleanup) 372 if (ctx->pmeth && ctx->pmeth->cleanup)
373 ctx->pmeth->cleanup(ctx); 373 ctx->pmeth->cleanup(ctx);
374 if (ctx->pkey) 374 EVP_PKEY_free(ctx->pkey);
375 EVP_PKEY_free(ctx->pkey); 375 EVP_PKEY_free(ctx->peerkey);
376 if (ctx->peerkey)
377 EVP_PKEY_free(ctx->peerkey);
378#ifndef OPENSSL_NO_ENGINE 376#ifndef OPENSSL_NO_ENGINE
379 if (ctx->engine) 377 if (ctx->engine)
380 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the 378 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
diff --git a/src/lib/libssl/src/crypto/pem/pem_pk8.c b/src/lib/libssl/src/crypto/pem/pem_pk8.c
index dafbd13814..8d7ac4a954 100644
--- a/src/lib/libssl/src/crypto/pem/pem_pk8.c
+++ b/src/lib/libssl/src/crypto/pem/pem_pk8.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_pk8.c,v 1.7 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pem_pk8.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -184,8 +184,7 @@ d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
184 if (!ret) 184 if (!ret)
185 return NULL; 185 return NULL;
186 if (x) { 186 if (x) {
187 if (*x) 187 EVP_PKEY_free(*x);
188 EVP_PKEY_free(*x);
189 *x = ret; 188 *x = ret;
190 } 189 }
191 return ret; 190 return ret;
diff --git a/src/lib/libssl/src/crypto/pem/pem_pkey.c b/src/lib/libssl/src/crypto/pem/pem_pkey.c
index 7e5e4f5771..a50742a63d 100644
--- a/src/lib/libssl/src/crypto/pem/pem_pkey.c
+++ b/src/lib/libssl/src/crypto/pem/pem_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_pkey.c,v 1.17 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pem_pkey.c,v 1.18 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -99,8 +99,7 @@ PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
99 goto p8err; 99 goto p8err;
100 ret = EVP_PKCS82PKEY(p8inf); 100 ret = EVP_PKCS82PKEY(p8inf);
101 if (x) { 101 if (x) {
102 if (*x) 102 EVP_PKEY_free(*x);
103 EVP_PKEY_free((EVP_PKEY *)*x);
104 *x = ret; 103 *x = ret;
105 } 104 }
106 PKCS8_PRIV_KEY_INFO_free(p8inf); 105 PKCS8_PRIV_KEY_INFO_free(p8inf);
@@ -128,8 +127,7 @@ PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
128 goto p8err; 127 goto p8err;
129 ret = EVP_PKCS82PKEY(p8inf); 128 ret = EVP_PKCS82PKEY(p8inf);
130 if (x) { 129 if (x) {
131 if (*x) 130 EVP_PKEY_free(*x);
132 EVP_PKEY_free((EVP_PKEY *)*x);
133 *x = ret; 131 *x = ret;
134 } 132 }
135 PKCS8_PRIV_KEY_INFO_free(p8inf); 133 PKCS8_PRIV_KEY_INFO_free(p8inf);
@@ -194,8 +192,7 @@ PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
194 goto err; 192 goto err;
195 } 193 }
196 if (x) { 194 if (x) {
197 if (*x) 195 EVP_PKEY_free(*x);
198 EVP_PKEY_free((EVP_PKEY *)*x);
199 *x = ret; 196 *x = ret;
200 } 197 }
201 } 198 }
diff --git a/src/lib/libssl/src/crypto/pem/pvkfmt.c b/src/lib/libssl/src/crypto/pem/pvkfmt.c
index 32fcc181f7..ca7e908c29 100644
--- a/src/lib/libssl/src/crypto/pem/pvkfmt.c
+++ b/src/lib/libssl/src/crypto/pem/pvkfmt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pvkfmt.c,v 1.10 2014/07/11 15:35:53 miod Exp $ */ 1/* $OpenBSD: pvkfmt.c,v 1.11 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2005. 3 * project 2005.
4 */ 4 */
@@ -349,12 +349,9 @@ b2i_dss(const unsigned char **in, unsigned int length, unsigned int bitlen,
349 349
350memerr: 350memerr:
351 PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE); 351 PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
352 if (dsa) 352 DSA_free(dsa);
353 DSA_free(dsa); 353 EVP_PKEY_free(ret);
354 if (ret) 354 BN_CTX_free(ctx);
355 EVP_PKEY_free(ret);
356 if (ctx)
357 BN_CTX_free(ctx);
358 return NULL; 355 return NULL;
359} 356}
360 357
@@ -402,10 +399,8 @@ b2i_rsa(const unsigned char **in, unsigned int length, unsigned int bitlen,
402 399
403memerr: 400memerr:
404 PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE); 401 PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
405 if (rsa) 402 RSA_free(rsa);
406 RSA_free(rsa); 403 EVP_PKEY_free(ret);
407 if (ret)
408 EVP_PKEY_free(ret);
409 return NULL; 404 return NULL;
410} 405}
411 406
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_key.c b/src/lib/libssl/src/crypto/pkcs12/p12_key.c
index 1f7583084e..0357c2bfa2 100644
--- a/src/lib/libssl/src/crypto/pkcs12/p12_key.c
+++ b/src/lib/libssl/src/crypto/pkcs12/p12_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p12_key.c,v 1.20 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: p12_key.c,v 1.21 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -195,12 +195,12 @@ err:
195 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_MALLOC_FAILURE); 195 PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_MALLOC_FAILURE);
196 196
197end: 197end:
198 free (Ai); 198 free(Ai);
199 free (B); 199 free(B);
200 free (D); 200 free(D);
201 free (I); 201 free(I);
202 BN_free (Ij); 202 BN_free(Ij);
203 BN_free (Bpl1); 203 BN_free(Bpl1);
204 EVP_MD_CTX_cleanup(&ctx); 204 EVP_MD_CTX_cleanup(&ctx);
205 return ret; 205 return ret;
206} 206}
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
index 4556949456..cc6fd97b9d 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_doit.c,v 1.27 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pk7_doit.c,v 1.28 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -184,10 +184,8 @@ pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, unsigned char *key, int keylen)
184 ret = 1; 184 ret = 1;
185 185
186err: 186err:
187 if (pkey) 187 EVP_PKEY_free(pkey);
188 EVP_PKEY_free(pkey); 188 EVP_PKEY_CTX_free(pctx);
189 if (pctx)
190 EVP_PKEY_CTX_free(pctx);
191 free(ek); 189 free(ek);
192 return ret; 190 return ret;
193} 191}
@@ -244,8 +242,7 @@ pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, PKCS7_RECIP_INFO *ri,
244 *peklen = eklen; 242 *peklen = eklen;
245 243
246err: 244err:
247 if (pctx) 245 EVP_PKEY_CTX_free(pctx);
248 EVP_PKEY_CTX_free(pctx);
249 if (!ret && ek) 246 if (!ret && ek)
250 free(ek); 247 free(ek);
251 248
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_lib.c b/src/lib/libssl/src/crypto/pkcs7/pk7_lib.c
index 699f5df394..27370800c9 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pk7_lib.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_lib.c,v 1.13 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pk7_lib.c,v 1.14 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -575,8 +575,7 @@ PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
575 return 1; 575 return 1;
576 576
577err: 577err:
578 if (pkey) 578 EVP_PKEY_free(pkey);
579 EVP_PKEY_free(pkey);
580 return 0; 579 return 0;
581} 580}
582 581
diff --git a/src/lib/libssl/src/crypto/rsa/rsa.h b/src/lib/libssl/src/crypto/rsa/rsa.h
index d15d1f1c97..8139db0b7d 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa.h
+++ b/src/lib/libssl/src/crypto/rsa/rsa.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa.h,v 1.25 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: rsa.h,v 1.26 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -287,7 +287,7 @@ int RSA_public_decrypt(int flen, const unsigned char *from,
287 unsigned char *to, RSA *rsa, int padding); 287 unsigned char *to, RSA *rsa, int padding);
288int RSA_private_decrypt(int flen, const unsigned char *from, 288int RSA_private_decrypt(int flen, const unsigned char *from,
289 unsigned char *to, RSA *rsa, int padding); 289 unsigned char *to, RSA *rsa, int padding);
290void RSA_free (RSA *r); 290void RSA_free(RSA *r);
291/* "up" the RSA object's reference count */ 291/* "up" the RSA object's reference count */
292int RSA_up_ref(RSA *r); 292int RSA_up_ref(RSA *r);
293 293
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_saos.c b/src/lib/libssl/src/crypto/rsa/rsa_saos.c
index 47b2a4e95f..adf459ee6d 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_saos.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_saos.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_saos.c,v 1.15 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: rsa_saos.c,v 1.16 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -140,8 +140,7 @@ RSA_verify_ASN1_OCTET_STRING(int dtype, const unsigned char *m,
140 } else 140 } else
141 ret = 1; 141 ret = 1;
142err: 142err:
143 if (sig != NULL) 143 M_ASN1_OCTET_STRING_free(sig);
144 M_ASN1_OCTET_STRING_free(sig);
145 if (s != NULL) { 144 if (s != NULL) {
146 OPENSSL_cleanse(s, (unsigned int)siglen); 145 OPENSSL_cleanse(s, (unsigned int)siglen);
147 free(s); 146 free(s);
diff --git a/src/lib/libssl/src/crypto/ts/ts_rsp_sign.c b/src/lib/libssl/src/crypto/ts/ts_rsp_sign.c
index 9d20e66f9a..27659e8f45 100644
--- a/src/lib/libssl/src/crypto/ts/ts_rsp_sign.c
+++ b/src/lib/libssl/src/crypto/ts/ts_rsp_sign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ts_rsp_sign.c,v 1.17 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: ts_rsp_sign.c,v 1.18 2014/07/12 16:03:37 miod Exp $ */
2/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL 2/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
3 * project 2002. 3 * project 2002.
4 */ 4 */
@@ -195,8 +195,7 @@ TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
195int 195int
196TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key) 196TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
197{ 197{
198 if (ctx->signer_key) 198 EVP_PKEY_free(ctx->signer_key);
199 EVP_PKEY_free(ctx->signer_key);
200 ctx->signer_key = key; 199 ctx->signer_key = key;
201 CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY); 200 CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY);
202 201
diff --git a/src/lib/libssl/src/crypto/x509/x509_cmp.c b/src/lib/libssl/src/crypto/x509/x509_cmp.c
index e26866dc80..b63faaad2c 100644
--- a/src/lib/libssl/src/crypto/x509/x509_cmp.c
+++ b/src/lib/libssl/src/crypto/x509/x509_cmp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_cmp.c,v 1.22 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: x509_cmp.c,v 1.23 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -358,8 +358,7 @@ X509_check_private_key(X509 *x, EVP_PKEY *k)
358 X509err(X509_F_X509_CHECK_PRIVATE_KEY, 358 X509err(X509_F_X509_CHECK_PRIVATE_KEY,
359 X509_R_UNKNOWN_KEY_TYPE); 359 X509_R_UNKNOWN_KEY_TYPE);
360 } 360 }
361 if (xk) 361 EVP_PKEY_free(xk);
362 EVP_PKEY_free(xk);
363 if (ret > 0) 362 if (ret > 0)
364 return 1; 363 return 1;
365 return 0; 364 return 0;
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index beb8089475..db310de881 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.75 2014/07/12 13:11:53 jsing Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.76 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -355,8 +355,7 @@ err:
355 if (s != NULL) { 355 if (s != NULL) {
356 if (s->cert != NULL) 356 if (s->cert != NULL)
357 ssl_cert_free(s->cert); 357 ssl_cert_free(s->cert);
358 if (s->ctx != NULL) 358 SSL_CTX_free(s->ctx); /* decrement reference count */
359 SSL_CTX_free(s->ctx); /* decrement reference count */
360 free(s); 359 free(s);
361 } 360 }
362 SSLerr(SSL_F_SSL_NEW, 361 SSLerr(SSL_F_SSL_NEW,
@@ -528,8 +527,7 @@ SSL_free(SSL *s)
528 /* Free up if allocated */ 527 /* Free up if allocated */
529 528
530 free(s->tlsext_hostname); 529 free(s->tlsext_hostname);
531 if (s->initial_ctx) 530 SSL_CTX_free(s->initial_ctx);
532 SSL_CTX_free(s->initial_ctx);
533 free(s->tlsext_ecpointformatlist); 531 free(s->tlsext_ecpointformatlist);
534 free(s->tlsext_ellipticcurvelist); 532 free(s->tlsext_ellipticcurvelist);
535 if (s->tlsext_ocsp_exts) 533 if (s->tlsext_ocsp_exts)
@@ -545,8 +543,7 @@ SSL_free(SSL *s)
545 if (s->method != NULL) 543 if (s->method != NULL)
546 s->method->ssl_free(s); 544 s->method->ssl_free(s);
547 545
548 if (s->ctx) 546 SSL_CTX_free(s->ctx);
549 SSL_CTX_free(s->ctx);
550 547
551 548
552#ifndef OPENSSL_NO_NEXTPROTONEG 549#ifndef OPENSSL_NO_NEXTPROTONEG
@@ -1831,8 +1828,7 @@ err:
1831 SSLerr(SSL_F_SSL_CTX_NEW, 1828 SSLerr(SSL_F_SSL_CTX_NEW,
1832 ERR_R_MALLOC_FAILURE); 1829 ERR_R_MALLOC_FAILURE);
1833err2: 1830err2:
1834 if (ret != NULL) 1831 SSL_CTX_free(ret);
1835 SSL_CTX_free(ret);
1836 return (NULL); 1832 return (NULL);
1837} 1833}
1838 1834
@@ -2725,8 +2721,7 @@ SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
2725 ssl_cert_free(ssl->cert); 2721 ssl_cert_free(ssl->cert);
2726 ssl->cert = ssl_cert_dup(ctx->cert); 2722 ssl->cert = ssl_cert_dup(ctx->cert);
2727 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); 2723 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
2728 if (ssl->ctx != NULL) 2724 SSL_CTX_free(ssl->ctx); /* decrement reference count */
2729 SSL_CTX_free(ssl->ctx); /* decrement reference count */
2730 ssl->ctx = ctx; 2725 ssl->ctx = ctx;
2731 return (ssl->ctx); 2726 return (ssl->ctx);
2732} 2727}
diff --git a/src/lib/libssl/src/ssl/ssl_rsa.c b/src/lib/libssl/src/ssl/ssl_rsa.c
index c1d24cad52..d4d14bad35 100644
--- a/src/lib/libssl/src/ssl/ssl_rsa.c
+++ b/src/lib/libssl/src/ssl/ssl_rsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_rsa.c,v 1.15 2014/06/22 19:09:37 guenther Exp $ */ 1/* $OpenBSD: ssl_rsa.c,v 1.16 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -201,8 +201,7 @@ ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
201 } 201 }
202 } 202 }
203 203
204 if (c->pkeys[i].privatekey != NULL) 204 EVP_PKEY_free(c->pkeys[i].privatekey);
205 EVP_PKEY_free(c->pkeys[i].privatekey);
206 CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); 205 CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
207 c->pkeys[i].privatekey = pkey; 206 c->pkeys[i].privatekey = pkey;
208 c->key = &(c->pkeys[i]); 207 c->key = &(c->pkeys[i]);
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index beb8089475..db310de881 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.75 2014/07/12 13:11:53 jsing Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.76 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -355,8 +355,7 @@ err:
355 if (s != NULL) { 355 if (s != NULL) {
356 if (s->cert != NULL) 356 if (s->cert != NULL)
357 ssl_cert_free(s->cert); 357 ssl_cert_free(s->cert);
358 if (s->ctx != NULL) 358 SSL_CTX_free(s->ctx); /* decrement reference count */
359 SSL_CTX_free(s->ctx); /* decrement reference count */
360 free(s); 359 free(s);
361 } 360 }
362 SSLerr(SSL_F_SSL_NEW, 361 SSLerr(SSL_F_SSL_NEW,
@@ -528,8 +527,7 @@ SSL_free(SSL *s)
528 /* Free up if allocated */ 527 /* Free up if allocated */
529 528
530 free(s->tlsext_hostname); 529 free(s->tlsext_hostname);
531 if (s->initial_ctx) 530 SSL_CTX_free(s->initial_ctx);
532 SSL_CTX_free(s->initial_ctx);
533 free(s->tlsext_ecpointformatlist); 531 free(s->tlsext_ecpointformatlist);
534 free(s->tlsext_ellipticcurvelist); 532 free(s->tlsext_ellipticcurvelist);
535 if (s->tlsext_ocsp_exts) 533 if (s->tlsext_ocsp_exts)
@@ -545,8 +543,7 @@ SSL_free(SSL *s)
545 if (s->method != NULL) 543 if (s->method != NULL)
546 s->method->ssl_free(s); 544 s->method->ssl_free(s);
547 545
548 if (s->ctx) 546 SSL_CTX_free(s->ctx);
549 SSL_CTX_free(s->ctx);
550 547
551 548
552#ifndef OPENSSL_NO_NEXTPROTONEG 549#ifndef OPENSSL_NO_NEXTPROTONEG
@@ -1831,8 +1828,7 @@ err:
1831 SSLerr(SSL_F_SSL_CTX_NEW, 1828 SSLerr(SSL_F_SSL_CTX_NEW,
1832 ERR_R_MALLOC_FAILURE); 1829 ERR_R_MALLOC_FAILURE);
1833err2: 1830err2:
1834 if (ret != NULL) 1831 SSL_CTX_free(ret);
1835 SSL_CTX_free(ret);
1836 return (NULL); 1832 return (NULL);
1837} 1833}
1838 1834
@@ -2725,8 +2721,7 @@ SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
2725 ssl_cert_free(ssl->cert); 2721 ssl_cert_free(ssl->cert);
2726 ssl->cert = ssl_cert_dup(ctx->cert); 2722 ssl->cert = ssl_cert_dup(ctx->cert);
2727 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); 2723 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
2728 if (ssl->ctx != NULL) 2724 SSL_CTX_free(ssl->ctx); /* decrement reference count */
2729 SSL_CTX_free(ssl->ctx); /* decrement reference count */
2730 ssl->ctx = ctx; 2725 ssl->ctx = ctx;
2731 return (ssl->ctx); 2726 return (ssl->ctx);
2732} 2727}
diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c
index c1d24cad52..d4d14bad35 100644
--- a/src/lib/libssl/ssl_rsa.c
+++ b/src/lib/libssl/ssl_rsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_rsa.c,v 1.15 2014/06/22 19:09:37 guenther Exp $ */ 1/* $OpenBSD: ssl_rsa.c,v 1.16 2014/07/12 16:03:37 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -201,8 +201,7 @@ ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
201 } 201 }
202 } 202 }
203 203
204 if (c->pkeys[i].privatekey != NULL) 204 EVP_PKEY_free(c->pkeys[i].privatekey);
205 EVP_PKEY_free(c->pkeys[i].privatekey);
206 CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); 205 CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
207 c->pkeys[i].privatekey = pkey; 206 c->pkeys[i].privatekey = pkey;
208 c->key = &(c->pkeys[i]); 207 c->key = &(c->pkeys[i]);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 09:30:48 +0000