From 4c4ecbc83c59d634517de5550c49cae28b0c0e6a Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Tue, 11 Jul 2023 18:40:10 +1000
Subject: [PATCH] Address potential memory leak in dst__openssl_fromlabel

---
 lib/dns/openssl_link.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c
index c361c3083b..424657b1b2 100644
--- a/lib/dns/openssl_link.c
+++ b/lib/dns/openssl_link.c
@@ -342,6 +342,16 @@ dst__openssl_fromlabel(int key_base_id, const char *engine, const char *label,
 							ppub, ppriv));
 	}
 
+	if (*ppub != NULL) {
+		EVP_PKEY_free(*ppub);
+		*ppub = NULL;
+	}
+
+	if (*ppriv != NULL) {
+		EVP_PKEY_free(*ppriv);
+		*ppriv = NULL;
+	}
+
 	return (dst__openssl_fromlabel_engine(key_base_id, engine, label, pin,
 					      ppub, ppriv));
 }