Avoid double-free on unsuccessful getting PRNG seeding

[openssl.git] / providers / implementations / rands / seed_src.c

diff --git a/providers/implementations/rands/seed_src.c b/providers/implementations/rands/seed_src.c
index 173c99ce173229aff71cac94632f73cd747278dc..7a4b780bb469777ee2b35ddc05ac673a09804649 100644 (file)
--- a/providers/implementations/rands/seed_src.c
+++ b/providers/implementations/rands/seed_src.c
@@ -201,10 +201,11 @@ static size_t seed_get_seed(void *vseed, unsigned char **pout,
         ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
         return 0;
     }
-    *pout = p;
     if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance,
-                          adin, adin_len) != 0)
+                          adin, adin_len) != 0) {
+        *pout = p;
         return bytes_needed;
+    }
     OPENSSL_secure_clear_free(p, bytes_needed);
     return 0;
 }