From bfb1b5d6f477a9190226a52894ee85e3a87fa09a Mon Sep 17 00:00:00 2001
From: tobhe <>
Date: Tue, 8 Nov 2022 12:59:36 +0000
Subject: Fix leak of pk if EVP_PKEY_set1_RSA() fails.

Found with CodeChecker
feedback and ok tb@
---
 src/lib/libcrypto/rsa/rsa_prn.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/rsa/rsa_prn.c b/src/lib/libcrypto/rsa/rsa_prn.c
index c46b08c00d..46e09dc117 100644
--- a/src/lib/libcrypto/rsa/rsa_prn.c
+++ b/src/lib/libcrypto/rsa/rsa_prn.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_prn.c,v 1.7 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: rsa_prn.c,v 1.8 2022/11/08 12:59:36 tobhe Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -82,12 +82,16 @@ int
 RSA_print(BIO *bp, const RSA *x, int off)
 {
 	EVP_PKEY *pk;
-	int ret;
+	int ret = 0;
+
+	if ((pk = EVP_PKEY_new()) == NULL)
+		goto out;
+
+	if (!EVP_PKEY_set1_RSA(pk, (RSA *)x))
+		goto out;
 
-	pk = EVP_PKEY_new();
-	if (!pk || !EVP_PKEY_set1_RSA(pk, (RSA *)x))
-		return 0;
 	ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+ out:
 	EVP_PKEY_free(pk);
 	return ret;
 }
-- 
cgit v1.2.3-55-g6feb