From 582e5929243183b8ba21514b7c198d70359e4734 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Thu, 2 Mar 2000 00:37:53 +0000
Subject: [PATCH] Fix bug which would free up a public key twice if the verify
 callback tried to continue after a signature failure.

---
 crypto/x509/x509_vfy.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 4fdff54124..8563f65695 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -436,11 +436,14 @@ static int internal_verify(X509_STORE_CTX *ctx)
 				}
 			if (X509_verify(xs,pkey) <= 0)
 				{
-				EVP_PKEY_free(pkey);
 				ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
 				ctx->current_cert=xs;
 				ok=(*cb)(0,ctx);
-				if (!ok) goto end;
+				if (!ok)
+					{
+					EVP_PKEY_free(pkey);
+					goto end;
+					}
 				}
 			EVP_PKEY_free(pkey);
 			pkey=NULL;
-- 
2.34.1