From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Tue, 20 Oct 2020 12:16:30 +0000 (+0200)
Subject: Avoid potential doublefree on dh object assigned to EVP_PKEY
X-Git-Tag: OpenSSL_1_1_1i~27
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7b324bb09f6313b370954fde8f2034a6055d8c2f;p=thirdparty%2Fopenssl.git

Avoid potential doublefree on dh object assigned to EVP_PKEY

Fixes regression from 7844f3c784bfc93c9b94ae5a4082f9d01e82e0af

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13194)
---

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 3bf8aacfc0b..fd3b79c4efa 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2150,6 +2150,7 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
                  ERR_R_EVP_LIB);
         goto err;
     }
+    dh = NULL;
 
     if (!ssl_security(s, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(peer_tmp),
                       0, peer_tmp)) {