Fix potential double free in rsa_keygen pairwise test.

It should never hit this branch of code, so there is no feasible test.
Found due to a similar issue in PR #12176.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12177)

diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index e391f6419aa52ccdaf207bd0578cbbf4359b21bc..1cdc8d91e8823a88a9ee550f86acc420fd920227 100644 (file)
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -451,6 +451,12 @@ static int rsa_keygen(OPENSSL_CTX *libctx, RSA *rsa, int bits, int primes,
             BN_clear_free(rsa->dmp1);
             BN_clear_free(rsa->dmq1);
             BN_clear_free(rsa->iqmp);
+            rsa->d = NULL;
+            rsa->p = NULL;
+            rsa->q = NULL;
+            rsa->dmp1 = NULL;
+            rsa->dmq1 = NULL;
+            rsa->iqmp = NULL;
         }
     }
     return ok;