Commit 4d50403e51 for openssl.org

commit 4d50403e5125d7d8190e6adff3d86727ba05c912
Author: Neil Horman <nhorman@openssl.org>
Date:   Fri Jun 26 11:17:09 2026 -0400

    use evp_signature_free in evp_signature_from_algorithm

    evp_signature_from_algorithm, in its error path frees the allocated sig
    with EVP_SIGNATURE_free, but thats a no-op now, and we actually want to
    free it to avoid leaks, so we should use evp_signature_free (the internal
    function that acutally does free the alg) instead.

    Fixes https://scan5.scan.coverity.com/#/project-view/60762/10222?selectedIssue=1695450

    Reviewed-by: Saša NedvÄ›dický <sashan@openssl.org>
    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    Reviewed-by: Norbert Pocs <norbertp@openssl.org>
    MergeDate: Wed Jul  1 15:32:23 2026
    (Merged from https://github.com/openssl/openssl/pull/31748)

diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index 15e4116400..cd8e00d77e 100644
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -463,7 +463,7 @@ static void *evp_signature_from_algorithm(int name_id,

     return signature;
 err:
-    EVP_SIGNATURE_free(signature);
+    evp_signature_free(signature);
     return NULL;
 }