Add missing OPENSSL_clear_free before using ec->key

Fixes #7657

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7877)

(cherry picked from commit 4128136a28c3b7d3878daed728c49f18eb950adc)

diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c
index eac9c2fc862ebe05c9a45dc607343587f5651ef8..26e3bdcf9e41273e432cad1373fd46c6c0e5ded0 100644 (file)
--- a/crypto/cms/cms_pwri.c
+++ b/crypto/cms/cms_pwri.c
@@ -373,6 +373,7 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
             goto err;
         }
 
+        OPENSSL_clear_free(ec->key, ec->keylen);
         ec->key = key;
         ec->keylen = keylen;