From 23772d25ea2d9f0c22b6fcc0ea8e281694436352 Mon Sep 17 00:00:00 2001
From: inoguchi <>
Date: Sun, 12 Jan 2020 07:11:13 +0000
Subject: Avoid leak in error path of PKCS5_PBE_keyivgen

ok jsing@ tb@
---
 src/lib/libcrypto/evp/p5_crpt.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
index 75a631bf98..98e4549db1 100644
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p5_crpt.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: p5_crpt.c,v 1.19 2020/01/12 07:11:13 inoguchi Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -108,6 +108,7 @@ PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
 		iter = 1;
 	else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) {
 		EVPerror(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
+		PBEPARAM_free(pbe);
 		return 0;
 	}
 	salt = pbe->salt->data;
-- 
cgit v1.2.3-55-g6feb