X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fevp%2Fpkey_kdf.c;h=f32d2131a753c5ff7d8a34a8163aaaa1d58c1eff;hp=f4cf40e6f4bde12094a6656109c14a7924b5e0d3;hb=7eeceeaab24aea16027cdc1f9df92366094893b7;hpb=53598b22987faead115463bf8bd027cd8f794cf3

diff --git a/crypto/evp/pkey_kdf.c b/crypto/evp/pkey_kdf.c
index f4cf40e6f4..f32d2131a7 100644
--- a/crypto/evp/pkey_kdf.c
+++ b/crypto/evp/pkey_kdf.c
@@ -82,17 +82,13 @@ static int collect(BUF_MEM **collector, void *data, size_t datalen)
         return 0;
     }
 
-    i = (*collector)->length; /* BUF_MEM_grow() changes it! */
-    /*
-     * The i + datalen check is to distinguish between BUF_MEM_grow()
-     * signaling an error and BUF_MEM_grow() simply returning the (zero)
-     * length.
-     */
-    if (!BUF_MEM_grow(*collector, i + datalen)
-        && i + datalen != 0)
-        return 0;
-    if (data != NULL)
+    if (data != NULL && datalen > 0) {
+        i = (*collector)->length; /* BUF_MEM_grow() changes it! */
+
+        if (!BUF_MEM_grow(*collector, i + datalen))
+            return 0;
         memcpy((*collector)->data + i, data, datalen);
+    }
     return 1;
 }
 
@@ -127,8 +123,10 @@ static int pkey_kdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
          * Perform the semantics described in
          * EVP_PKEY_CTX_add1_tls1_prf_seed(3)
          */
-        if (ctx->pmeth->pkey_id == NID_tls1_prf)
+        if (ctx->pmeth->pkey_id == NID_tls1_prf) {
             BUF_MEM_free(pkctx->collected_seed);
+            pkctx->collected_seed = NULL;
+        }
         break;
     case EVP_PKEY_CTRL_TLS_SEED:
         cmd = T_OCTET_STRING;