From 2ac7753c107e71bfdcaa08b18eb4e6683292be57 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Thu, 21 Apr 2016 15:30:17 +0100
Subject: [PATCH] Fix CRYPTO_clear_realloc() bug.

If allocation in CRYPTO_clear_realloc() fails don't free up the original
buffer: this is consistent with the behaviour of realloc(3) and is expected
in other places in OpenSSL.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
---
 crypto/mem.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/crypto/mem.c b/crypto/mem.c
index 16ef64c6fe..9bdd5043a9 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -201,9 +201,10 @@ void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
     }
 
     ret = CRYPTO_malloc(num, file, line);
-    if (ret)
+    if (ret != NULL) {
         memcpy(ret, str, old_len);
-    CRYPTO_clear_free(str, old_len, file, line);
+        CRYPTO_clear_free(str, old_len, file, line);
+    }
     return ret;
 }
 
-- 
GitLab