> +err_rsa:
> +             if (n)
> +                     BN_free(n);
> +             if (e)
> +                     BN_free(e);
> +             if (d)
> +                     BN_free(d);
> +             if (p)
> +                     BN_free(p);
> +             if (q)
> +                     BN_free(q);
> +             if (dmp1)
> +                     BN_free(dmp1);
> +             if (dmq1)
> +                     BN_free(dmq1);
> +             if (iqmp)
> +                     BN_free(iqmp);
> +

Hi,

I don't think the if() test is required prior to calling BN_free().

The docs say: "If a is NULL, nothing is done.":

    https://www.openssl.org/docs/manmaster/man3/BN_free.html

I mention this because the code above is also in Coverity defect 305854.

Could you look at that and provide a fix.

Thanks.

John



Reply via email to