isakmpd: avoid double free

Tue, 28 Mar 2023 00:08:49 -0700 

Fixed the same problem in iked/dh.c r1.31:

In the unlikely event that EC_KEY_check_key() fails, dh_init() fails and
group_free() is called, which will EC_KEY_free(group-ec) a second time.

Index: dh.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/dh.c,v
retrieving revision 1.25
diff -u -p -r1.25 dh.c
--- dh.c        14 Jan 2022 09:19:19 -0000      1.25
+++ dh.c        27 Mar 2023 22:49:39 -0000
@@ -420,10 +420,8 @@ ec_init(struct group *group)
                return (-1);
        if (!EC_KEY_generate_key(group->ec))
                return (-1);
-       if (!EC_KEY_check_key(group->ec)) {
-               EC_KEY_free(group->ec);
+       if (!EC_KEY_check_key(group->ec))
                return (-1);
-       }
        return (0);
 }

Reply via email to