From 370ee919b37cc9a46c36428b2bb1527eae5db2bd Mon Sep 17 00:00:00 2001
From: Daniel Stenberg
Date: Tue, 27 Oct 2015 13:45:25 +0100
Subject: openssl: engine: remove double-free

After a successful call to SSL_CTX_use_PrivateKey(), we must not call EVP_PKEY_free() on the key.
Reported-by: nased0
Closes #509
---
 lib/vtls/openssl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'lib/vtls')
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 3bc079e7e..f93a89507 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -558,7 +558,7 @@ int cert_stuff(struct connectdata *conn,
 break;
 case SSL_FILETYPE_ENGINE:
 #ifdef HAVE_OPENSSL_ENGINE_H
- { /* XXXX still needs some work */
+ {
 EVP_PKEY *priv_key = NULL;
 if(data->state.engine) {
 #ifdef HAVE_ENGINE_LOAD_FOUR_ARGS
@@ -592,7 +592,7 @@ int cert_stuff(struct connectdata *conn,
 EVP_PKEY_free(priv_key);
 return 0;
 }
- EVP_PKEY_free(priv_key); /* we don't need the handle any more... */
+ /* ownership of priv_key was handed over, no need to free it here */
 }
 else {
 failf(data, "crypto engine not set, can't load private key");
-- cgit v1.2.3
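Review bot: Dropping `EVP_PKEY_free(priv_key);` on the success path in the second hunk most likely replaces a suspected double-free with a leak of the key handle. SSL_CTX_use_PrivateKey() takes its own reference on the EVP_PKEY instead of consuming the caller's, so the reference obtained from the engine load (outside this hunk) still belongs to cert_stuff() and has to be released there. If that holds for every OpenSSL version the build supports, keep the original `EVP_PKEY_free(priv_key);` and look elsewhere for the crash in #509. The new comment `/* ownership of priv_key was handed over ... */` would then also state the ownership rule incorrectly for the next reader. cert_stuff() starts and ends outside both hunks, so the error path above and any later use of priv_key should be checked against the same rule.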