From a525aacb816cb1ca3a962ccd2b93bd1cf0cb070a Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Thu, 31 Oct 2019 12:32:48 +0000
Subject: Avoid potentially leaking pub_exp in pkey_rsa_copy().

ok inoguchi@
---
 src/lib/libcrypto/rsa/rsa_pmeth.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'src/lib/libcrypto/rsa/rsa_pmeth.c')

diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c
index 78f6532a5f..fd567658c2 100644
--- a/src/lib/libcrypto/rsa/rsa_pmeth.c
+++ b/src/lib/libcrypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pmeth.c,v 1.24 2019/10/29 08:52:02 jsing Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.25 2019/10/31 12:32:48 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -127,9 +127,9 @@ pkey_rsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
 	sctx = src->data;
 	dctx = dst->data;
 	dctx->nbits = sctx->nbits;
-	if (sctx->pub_exp) {
-		dctx->pub_exp = BN_dup(sctx->pub_exp);
-		if (!dctx->pub_exp)
+	if (sctx->pub_exp != NULL) {
+		BN_free(dctx->pub_exp);
+		if ((dctx->pub_exp = BN_dup(sctx->pub_exp)) == NULL)
 			return 0;
 	}
 	dctx->pad_mode = sctx->pad_mode;
-- 
cgit v1.2.3-55-g6feb