From b69f7e5d8cea9a02346274e95cfe8a672964701c Mon Sep 17 00:00:00 2001
From: JiashengJiang <jiasheng@purdue.edu>
Date: Tue, 22 Apr 2025 09:03:44 -0400
Subject: [PATCH] apps/pkeyutl.c: Add OPENSSL_free() to avoid a memory leak

If EVP_PKEY_CTX_ctrl_str() fails, the code jumps to 'end' label without freeing passwd, causing a memory leak.

Fixes: 9d1bf5f7de ("Add option to read pkeyopts interactively")
Signed-off-by: JiashengJiang <jiasheng@purdue.edu>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27470)

(cherry picked from commit 0dc6ea55a13dbe27af234b5328527d0a31ae68eb)
---
 apps/pkeyutl.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 6e301e50d8e..56564468a88 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -392,6 +392,7 @@ int pkeyutl_main(int argc, char **argv)
             if (EVP_PKEY_CTX_ctrl_str(ctx, opt, passwd) <= 0) {
                 BIO_printf(bio_err, "%s: Can't set parameter \"%s\":\n",
                            prog, opt);
+                OPENSSL_free(passwd);
                 goto end;
             }
             OPENSSL_free(passwd);
-- 
2.47.2