From 0c2aabbaeacf1cc9864daaed11fae755fe7bc025 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tomas@openssl.org>
Date: Thu, 2 Nov 2023 17:19:38 +0100
Subject: [PATCH] ossl_qrl_enc_level_set_provide_secret(): Avoid leaking
 keyslot in error condition

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22600)
---
 ssl/quic/quic_record_shared.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ssl/quic/quic_record_shared.c b/ssl/quic/quic_record_shared.c
index 36807c7dd50..a3fd51db6dc 100644
--- a/ssl/quic/quic_record_shared.c
+++ b/ssl/quic/quic_record_shared.c
@@ -185,7 +185,7 @@ static int el_setup_keyslot(OSSL_QRL_ENC_LEVEL_SET *els,
     EVP_CIPHER_free(cipher);
     return 1;
 
-err:
+ err:
     EVP_CIPHER_CTX_free(cctx);
     EVP_CIPHER_free(cipher);
     OPENSSL_cleanse(el->iv[keyslot], sizeof(el->iv[keyslot]));
@@ -327,16 +327,16 @@ int ossl_qrl_enc_level_set_provide_secret(OSSL_QRL_ENC_LEVEL_SET *els,
     el->state = QRL_EL_STATE_PROV_NORMAL;
     return 1;
 
-err:
+ err:
     el->suite_id = 0;
     el->md = NULL;
     OPENSSL_cleanse(hpr_key, sizeof(hpr_key));
     OPENSSL_cleanse(ku_key, sizeof(ku_key));
     OPENSSL_cleanse(el->ku, sizeof(el->ku));
     if (have_ks0)
-        el_teardown_keyslot(els, enc_level, 0);
+        el_teardown_keyslot(els, enc_level, init_keyslot);
     if (have_ks1)
-        el_teardown_keyslot(els, enc_level, 1);
+        el_teardown_keyslot(els, enc_level, !init_keyslot);
     if (own_md)
         EVP_MD_free(md);
     return 0;
-- 
2.47.2