Avoid reading an unused byte after the buffer

[oweals/openssl.git] / crypto / ec / ec_asn1.c

diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 292437409fd8cbf57afafb904392f4a8711c5c78..6ff94a356362e99d755efef3935f523377b23cdf 100644 (file)
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -1017,14 +1017,8 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
     EC_KEY *ret = NULL;
     EC_PRIVATEKEY *priv_key = NULL;
 
-    if ((priv_key = EC_PRIVATEKEY_new()) == NULL) {
-        ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) {
+    if ((priv_key = d2i_EC_PRIVATEKEY(NULL, in, len)) == NULL) {
         ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
-        EC_PRIVATEKEY_free(priv_key);
         return NULL;
     }
 
@@ -1033,8 +1027,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
             ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
             goto err;
         }
-        if (a)
-            *a = ret;
     } else
         ret = *a;
 
@@ -1102,10 +1094,12 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
         ret->enc_flag |= EC_PKEY_NO_PUBKEY;
     }
 
+    if (a)
+        *a = ret;
     ok = 1;
  err:
     if (!ok) {
-        if (ret)
+        if (ret && (a == NULL || *a != ret))
             EC_KEY_free(ret);
         ret = NULL;
     }