From: Shane Lontis <shane.lontis@oracle.com>
Date: Wed, 17 Jun 2020 07:26:47 +0000 (+1000)
Subject: Fix potential double free in rsa_keygen pairwise test.
X-Git-Tag: openssl-3.0.0-alpha4~39
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=7905806c94b17b1907d5352ceb047dd8d859288c;ds=sidebyside

Fix potential double free in rsa_keygen pairwise test.

It should never hit this branch of code, so there is no feasible test.
Found due to a similar issue in PR #12176.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12177)
---

diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index e391f6419a..1cdc8d91e8 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -451,6 +451,12 @@ static int rsa_keygen(OPENSSL_CTX *libctx, RSA *rsa, int bits, int primes,
             BN_clear_free(rsa->dmp1);
             BN_clear_free(rsa->dmq1);
             BN_clear_free(rsa->iqmp);
+            rsa->d = NULL;
+            rsa->p = NULL;
+            rsa->q = NULL;
+            rsa->dmp1 = NULL;
+            rsa->dmq1 = NULL;
+            rsa->iqmp = NULL;
         }
     }
     return ok;