From 6602d9e3a6fa113cfbc6dd384ab11519c071b9f8 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@codeaurora.org>
Date: Wed, 8 May 2019 20:38:10 +0300
Subject: [PATCH] DPP: Fix a memory leak in testing sequence

Do not allow auth->own_protocol_key to be overridden without having
freed the previously stored key in case a test sequence in
dpp_proto_auth_conf_replaced_by_resp is used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---
 src/common/dpp.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/common/dpp.c b/src/common/dpp.c
index 4b8d83811..14934de7c 100644
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -2787,6 +2787,7 @@ static int dpp_auth_build_resp_ok(struct dpp_authentication *auth)
 #endif /* CONFIG_TESTING_OPTIONS */
 	wpa_hexdump(MSG_DEBUG, "DPP: R-nonce", auth->r_nonce, nonce_len);
 
+	EVP_PKEY_free(auth->own_protocol_key);
 #ifdef CONFIG_TESTING_OPTIONS
 	if (dpp_protocol_key_override_len) {
 		const struct dpp_curve_params *tmp_curve;