From 844a0058d0c6815308a0e68192df6a1d6213c68e Mon Sep 17 00:00:00 2001
From: Ben Noordhuis
Date: Mon, 22 Oct 2012 00:18:14 +0200
Subject: [PATCH] crypto: fix DH use-after-free and memory leak

Fix a use-after-free bug and a memory leak in the error path of DiffieHellman::ComputeSecret().
* the BIGNUM key was used after being freed with BN_free().
* the output buffer was not freed
---
 src/node_crypto.cc | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index 69ccfd2..b85e5e5 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -3958,11 +3958,16 @@ class DiffieHellman : public ObjectWrap {
 int size = DH_compute_key(reinterpret_cast(data), key, diffieHellman->dh);
- BN_free(key);
 if (size == -1) {
 int checkResult;
- if (!DH_check_pub_key(diffieHellman->dh, key, &checkResult)) {
+ int checked;
+
+ checked = DH_check_pub_key(diffieHellman->dh, key, &checkResult);
+ BN_free(key);
+ delete[] data;
+
+ if (!checked) {
 return ThrowException(Exception::Error(String::New("Invalid key")));
 } else if (checkResult) {
 if (checkResult & DH_CHECK_PUBKEY_TOO_SMALL) {
@@ -3979,6 +3984,7 @@ class DiffieHellman : public ObjectWrap {
 }
 }
+ BN_free(key);
 assert(size >= 0); // DH_size returns number of bytes in a prime number
--
2.7.4
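Review bot: In the first hunk (`@@ -3958,11 +3958,16 @@`), `key` and `data` are now released at the top of the `size == -1` block, and the second hunk frees `key` again after that block, so the fix is only correct while every branch of the block returns. The branches visible here all `return ThrowException(...)`, but the tail of the if/else chain lies between the two hunks and is not shown, so that should be confirmed. A comment at the release site would keep a later edit from introducing a fall-through that becomes a double free of `key` and a read of freed `data`: `// key and data are released here; every branch below must return.` As a smaller style point, the declaration and assignment of `checked` could be merged into `int checked = DH_check_pub_key(diffieHellman->dh, key, &checkResult);`.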