We have: BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a) and we call it with a == NULL; and a valid d and n:
BIGNUM * aBN = BN_mpi2bn((d,n,NULL); in code, a new 'a' is allocated: ... if (a == NULL) a=BN_new(); if (a == NULL) return(NULL); .. and some later, with a != NULL, (allocated above) we have the call: ... if (BN_bin2bn(d,(int)len,a) == NULL) return(NULL); If BN_bin2bn fails and returns NULL, the BN_mpi2bn returns NULL also but a (allocated above) is not freed/BN_free() so it seems a memory leak in this case. Lucian ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
