Move rsa_key initialization in front of load_config().
If loading the config fails, rsa_key isn't initialized and may
cause invalid free() in the end: cleanup.
Remove superfluous memset.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
ecdh_b[i] = NULL;
}
# endif
+# ifndef OPENSSL_NO_RSA
+ for (i = 0; i < RSA_NUM; i++)
+ rsa_key[i] = NULL;
+# endif
if (bio_err == NULL)
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
if (!load_config(bio_err, NULL))
goto end;
-# ifndef OPENSSL_NO_RSA
- memset(rsa_key, 0, sizeof(rsa_key));
- for (i = 0; i < RSA_NUM; i++)
- rsa_key[i] = NULL;
-# endif
-
if ((buf = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) {
BIO_printf(bio_err, "out of memory\n");
goto end;