Don't free the EVP_PKEY on error in set0_tmp_dh_pkey() functions

We should not be freeing the caller's key in the event of error. Fixes #17196 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17209) (cherry picked from commit e819b5727312477f8c1f56bf928e611ad7e78315)
author: Matt Caswell <matt@openssl.org> 2021-12-06 11:13:02 +0000
committer: Matt Caswell <matt@openssl.org> 2021-12-07 12:17:17 +0000
commit: bf17b7b18d11d4005c0ff760405744c3e7da2e0d (patch)
tree: 0a3d398a0fa27934c8c15443e84dcaae5bb00c53 /ssl/ssl_lib.c
parent: c9225ed5276fd622ac2eeda671e8d3576e1f1652 (diff)
1 files changed, 0 insertions, 2 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f497d83ecd..f3993f0bc3 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -5975,7 +5975,6 @@ int SSL_set0_tmp_dh_pkey(SSL *s, EVP_PKEY *dhpkey)
     if (!ssl_security(s, SSL_SECOP_TMP_DH,
                       EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) {
         ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL);
-        EVP_PKEY_free(dhpkey);
         return 0;
     }
     EVP_PKEY_free(s->cert->dh_tmp);
@@ -5988,7 +5987,6 @@ int SSL_CTX_set0_tmp_dh_pkey(SSL_CTX *ctx, EVP_PKEY *dhpkey)
     if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
                           EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) {
         ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL);
-        EVP_PKEY_free(dhpkey);
         return 0;
     }
     EVP_PKEY_free(ctx->cert->dh_tmp);
author	Matt Caswell <matt@openssl.org>	2021-12-06 11:13:02 +0000
committer	Matt Caswell <matt@openssl.org>	2021-12-07 12:17:17 +0000
commit	bf17b7b18d11d4005c0ff760405744c3e7da2e0d (patch)
tree	0a3d398a0fa27934c8c15443e84dcaae5bb00c53 /ssl/ssl_lib.c
parent	c9225ed5276fd622ac2eeda671e8d3576e1f1652 (diff)