pem: fix a memory leak in PEM_write_bio_PrivateKey_traditional

The copy of PKEY should be released on the error path.
Easily reproduced with "ED448" context.

Signed-off-by: Milan Broz <gmazyland@gmail.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19536)

diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index f9346486dd2f19010deb6562d3f8e64194fb5ea5..53367c03dbbe043d213f2fdf1aeafc220cf7c926 100644 (file)
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -343,6 +343,7 @@ int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x,
 
     if (x->ameth == NULL || x->ameth->old_priv_encode == NULL) {
         ERR_raise(ERR_LIB_PEM, PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+        EVP_PKEY_free(copy);
         return 0;
     }
     BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);