evp_keyex_init is called from two locations. Both of them assume that if the functions returns zero (success) the ownership of pkey is transferred to evp_pkey_init, or if the function returns non-zero (failure) the reference count of pkey remains as-is.
However, evp_keyex_init has been inconsistent in what to do upon failure; it has been retaining reference count as-is if malloc failed, but has been decrementing the reference count if EVP_PKEY_get1_tls_encodedpoint failed.
This PR address the latter, making sure that if an error is returned the reference count remains as-is.
evp_keyex_initis called from two locations. Both of them assume that if the functions returns zero (success) the ownership ofpkeyis transferred toevp_pkey_init, or if the function returns non-zero (failure) the reference count ofpkeyremains as-is.However,
evp_keyex_inithas been inconsistent in what to do upon failure; it has been retaining reference count as-is ifmallocfailed, but has been decrementing the reference count ifEVP_PKEY_get1_tls_encodedpointfailed.This PR address the latter, making sure that if an error is returned the reference count remains as-is.