From 364fe4ebe4a3aabdecd2a6e6bc7deed6fb4ed4ee Mon Sep 17 00:00:00 2001
From: antma <code@vysheng.ru>
Date: Tue, 21 Jan 2014 18:24:40 +0400
Subject: [PATCH] add check that BN_is_prime return value is not negative fix
 memory leak (BN_clear doesn't release allocated memory)

---
 mtproto-client.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/mtproto-client.c b/mtproto-client.c
index e8e692c..5f1a997 100644
--- a/mtproto-client.c
+++ b/mtproto-client.c
@@ -428,6 +428,12 @@ int process_respq_answer (struct connection *c, char *packet, int len) {
   return rpc_send_packet (c);
 }
 
+int check_prime (BIGNUM *p) {
+  int r = BN_is_prime (p, BN_prime_checks, 0, BN_ctx, 0);
+  ensure (r >= 0);
+  return r;
+}
+
 int check_DH_params (BIGNUM *p, int g) {
   if (g < 2 || g > 7) { return -1; }
   BIGNUM t;
@@ -440,7 +446,7 @@ int check_DH_params (BIGNUM *p, int g) {
   int x = BN_get_word (&t);
   assert (x >= 0 && x < 4 * g);
 
-  BN_clear (&dh_g);
+  BN_free (&dh_g);
 
   switch (g) {
   case 2:
@@ -462,15 +468,15 @@ int check_DH_params (BIGNUM *p, int g) {
     break;
   }
 
-  if (!BN_is_prime (p, BN_prime_checks, 0, BN_ctx, 0)) { return -1; }
+  if (!check_prime (p)) { return -1; }
 
   BIGNUM b;
   BN_init (&b);
   ensure (BN_set_word (&b, 2));
   ensure (BN_div (&t, 0, p, &b, BN_ctx));
-  if (!BN_is_prime (&t, BN_prime_checks, 0, BN_ctx, 0)) { return -1; }
-  BN_clear (&b);
-  BN_clear (&t);
+  if (!check_prime (&t)) { return -1; }
+  BN_free (&b);
+  BN_free (&t);
   return 0;
 }