From: Tomas Mraz <tomas@openssl.org>
Date: Thu, 11 Mar 2021 12:29:42 +0000 (+0100)
Subject: evp_keymgmt_util_copy: Fix possible leak on copy failure
X-Git-Tag: openssl-3.0.0-alpha14~256
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e08993eab65cdc67a3f2078e99f366c155eed49d;p=thirdparty%2Fopenssl.git

evp_keymgmt_util_copy: Fix possible leak on copy failure

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14511)
---

diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c
index 4f0dc2d4a79..872a63ae474 100644
--- a/crypto/evp/keymgmt_lib.c
+++ b/crypto/evp/keymgmt_lib.c
@@ -455,8 +455,10 @@ int evp_keymgmt_util_copy(EVP_PKEY *to, EVP_PKEY *from, int selection)
          * implemented, so just copy and be done
          */
         if (!evp_keymgmt_copy(to_keymgmt, to_keydata, from->keydata,
-                              selection))
+                              selection)) {
+            evp_keymgmt_freedata(to_keymgmt, alloc_keydata);
             return 0;
+        }
     } else if (match_type(to_keymgmt, from->keymgmt)) {
         struct evp_keymgmt_util_try_import_data_st import_data;
 
@@ -466,10 +468,8 @@ int evp_keymgmt_util_copy(EVP_PKEY *to, EVP_PKEY *from, int selection)
 
         if (!evp_keymgmt_util_export(from, selection,
                                      &evp_keymgmt_util_try_import,
-                                     &import_data)) {
-            evp_keymgmt_freedata(to_keymgmt, alloc_keydata);
+                                     &import_data))
             return 0;
-        }
 
         /*
          * In case to_keydata was previously unallocated,