Fix CRYPTO_clear_realloc() bug.

If allocation in CRYPTO_clear_realloc() fails don't free up the original
buffer: this is consistent with the behaviour of realloc(3) and is expected
in other places in OpenSSL.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

diff --git a/crypto/mem.c b/crypto/mem.c
index 16ef64c6fecf69d7cb4957b85530e2ec49fed882..9bdd5043a977a4ff6dbc9f9708653c83095e02e8 100644 (file)
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -201,9 +201,10 @@ void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
     }
 
     ret = CRYPTO_malloc(num, file, line);
-    if (ret)
+    if (ret != NULL) {
         memcpy(ret, str, old_len);
-    CRYPTO_clear_free(str, old_len, file, line);
+        CRYPTO_clear_free(str, old_len, file, line);
+    }
     return ret;
 }