From b3bd3d5af8ed31f438db4367ce3a4bd43067e764 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Wed, 27 Apr 2016 14:22:20 +0100
Subject: [PATCH] Don't leak memory on error path in dane_ctx_enable()

The function dane_ctx_enable() allocated some memory that it did not
free in an error path.

Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 ssl/ssl_lib.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f93b98f42f..99d88b31ee 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -215,6 +215,7 @@ static int dane_ctx_enable(struct dane_ctx_st *dctx)
     mdord = OPENSSL_zalloc(n * sizeof(*mdord));
 
     if (mdord == NULL || mdevp == NULL) {
+        OPENSSL_free(mdord);
         OPENSSL_free(mdevp);
         SSLerr(SSL_F_DANE_CTX_ENABLE, ERR_R_MALLOC_FAILURE);
         return 0;
-- 
2.34.1