From 7e0e3ef4e0b6ab236003a1f8dec5846a6d4bd358 Mon Sep 17 00:00:00 2001
From: SophieK <35367649+suishixingkong@users.noreply.github.com>
Date: Thu, 9 May 2019 15:20:30 +0800
Subject: [PATCH] keymat_v1: Avoid memory leak during IKE key derivation in
 some error cases

Closes strongswan/strongswan#138.
---
 src/libcharon/sa/ikev1/keymat_v1.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/libcharon/sa/ikev1/keymat_v1.c b/src/libcharon/sa/ikev1/keymat_v1.c
index bcea1f3889..34bae4391c 100644
--- a/src/libcharon/sa/ikev1/keymat_v1.c
+++ b/src/libcharon/sa/ikev1/keymat_v1.c
@@ -416,6 +416,7 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
 	{
 		chunk_clear(&g_xy);
 		chunk_clear(&data);
+		chunk_clear(&skeyid);
 		return FALSE;
 	}
 	chunk_clear(&data);
@@ -427,6 +428,7 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
 	{
 		chunk_clear(&g_xy);
 		chunk_clear(&data);
+		chunk_clear(&skeyid);
 		return FALSE;
 	}
 	chunk_clear(&data);
@@ -438,6 +440,7 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
 	{
 		chunk_clear(&g_xy);
 		chunk_clear(&data);
+		chunk_clear(&skeyid);
 		return FALSE;
 	}
 	chunk_clear(&data);
-- 
2.47.2