Commit e4551d81c3 for openssl.org
commit e4551d81c3239c31fd2c60ddb5926cca56c73a6d
Author: Neil Horman <nhorman@openssl.org>
Date: Fri Jun 26 11:17:09 2026 -0400
use evp_keyexch_free in evp_keyexch_from_algorithm
evp_keyexch_from_algorithm, in its error path frees the allocated kem
with EVP_KEM_free, but thats a no-op now, and we actually want to
free it to avoid leaks, so we should use evp_keyexch_free (the internal
function that acutally does free the alg) instead.
Fixes https://scan5.scan.coverity.com/#/project-view/60762/10222?selectedIssue=1695455
Reviewed-by: Saša NedvÄ›dický <sashan@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Wed Jul 1 15:32:18 2026
(Merged from https://github.com/openssl/openssl/pull/31748)
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index 1d05f8e857..535493c244 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -169,7 +169,7 @@ static void *evp_keyexch_from_algorithm(int name_id,
return exchange;
err:
- EVP_KEYEXCH_free(exchange);
+ evp_keyexch_free(exchange);
return NULL;
}