Commit 6a56b9c326 for openssl.org

commit 6a56b9c326feeb99c3582c0e836b18c6f4395987
Author: sucloudflare <cloudflare.ddos21@gmail.com>
Date:   Sat Jun 6 17:40:23 2026 -0300

    crypto/evp: align exchange.c cleanup with kem/sig/asymcipher pattern

    Commit a21f77d added explicit null assignments after EVP_KEYMGMT_free()
    calls at the err:, legacy:, and success exit paths in kem.c,
    asymcipher.c and signature.c.

    The identical exit paths in evp_keyexch_init() (crypto/evp/exchange.c)
    were not updated at the same time, leaving exchange.c as the only
    outlier in the family without these null assignments.

    This patch brings exchange.c into consistency with its sibling files
    by adding exchange = NULL and tmp_keymgmt = NULL after each free at
    the exit paths, matching the established pattern from a21f77d.

    No functional change intended.

    Reviewed-by: Neil Horman <nhorman@openssl.org>
    Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
    MergeDate: Wed Jun 10 11:20:19 2026
    (Merged from https://github.com/openssl/openssl/pull/31394)

diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index 3928c08ec3..849bc21514 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -295,7 +295,9 @@ int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
          * iteration we're on.
          */
         EVP_KEYEXCH_free(exchange);
+        exchange = NULL;
         EVP_KEYMGMT_free(tmp_keymgmt);
+        tmp_keymgmt = NULL;

         switch (iter) {
         case 1: