From 4675a56a3ce2bef715386e45036426c8a4329d39 Mon Sep 17 00:00:00 2001
From: Vitezslav Cizek <vcizek@suse.com>
Date: Thu, 24 Nov 2016 13:21:41 +0100
Subject: apps/speed.c: Fix crash when config loading fails

Move rsa_key initialization in front of load_config().
If loading the config fails, rsa_key isn't initialized and may
cause invalid free() in the end: cleanup.
Remove superfluous memset.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit c003851783ed05e3fd5296786e1f8f6a63dc4f31)
---
 apps/speed.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index ef72723036..7922473504 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -666,6 +666,10 @@ int MAIN(int argc, char **argv)
         ecdh_b[i] = NULL;
     }
 # endif
+# ifndef OPENSSL_NO_RSA
+    for (i = 0; i < RSA_NUM; i++)
+        rsa_key[i] = NULL;
+# endif
 
     if (bio_err == NULL)
         if ((bio_err = BIO_new(BIO_s_file())) != NULL)
@@ -674,12 +678,6 @@ int MAIN(int argc, char **argv)
     if (!load_config(bio_err, NULL))
         goto end;
 
-# ifndef OPENSSL_NO_RSA
-    memset(rsa_key, 0, sizeof(rsa_key));
-    for (i = 0; i < RSA_NUM; i++)
-        rsa_key[i] = NULL;
-# endif
-
     if ((buf = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) {
         BIO_printf(bio_err, "out of memory\n");
         goto end;
-- 
cgit v1.2.3