From 7ae287b389f7b4b66ed89fa379b4d295cdf76231 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Fri, 8 Nov 2024 22:10:18 +0000
Subject: Clean up EC_KEY_dup()

This calls init() with the default method, so EC_KEY_copy() gets a chance
to call finish() if the source's method doesn't match. But no init() call
is made in EC_KEY_copy(). Of course the source method's copy() needs to be
able to cope. The great news is that ssh uses this. Sigh.

ok beck jsing
---
 src/lib/libcrypto/ec/ec_key.c | 25 +++++++++++++++----------
 1 file changed, 15 insertions(+), 10 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/ec/ec_key.c b/src/lib/libcrypto/ec/ec_key.c
index 4f3f27dabd..1aef634349 100644
--- a/src/lib/libcrypto/ec/ec_key.c
+++ b/src/lib/libcrypto/ec/ec_key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_key.c,v 1.45 2024/11/08 22:03:29 tb Exp $ */
+/* $OpenBSD: ec_key.c,v 1.46 2024/11/08 22:10:18 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project.
  */
@@ -186,17 +186,22 @@ EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
 LCRYPTO_ALIAS(EC_KEY_copy);
 
 EC_KEY *
-EC_KEY_dup(const EC_KEY *ec_key)
+EC_KEY_dup(const EC_KEY *in_ec_key)
 {
-	EC_KEY *ret;
+	EC_KEY *ec_key;
 
-	if ((ret = EC_KEY_new_method(NULL)) == NULL)
-		return NULL;
-	if (EC_KEY_copy(ret, ec_key) == NULL) {
-		EC_KEY_free(ret);
-		return NULL;
-	}
-	return ret;
+	/* XXX - Pass NULL - so we're perhaps not running the right init()? */
+	if ((ec_key = EC_KEY_new_method(NULL)) == NULL)
+		goto err;
+	if (EC_KEY_copy(ec_key, in_ec_key) == NULL)
+		goto err;
+
+	return ec_key;
+
+ err:
+	EC_KEY_free(ec_key);
+
+	return NULL;
 }
 LCRYPTO_ALIAS(EC_KEY_dup);
 
-- 
cgit v1.2.3-55-g6feb