From acb158e8277adad473ed32ea1640a3d0b70d733b Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 6 May 2025 22:43:31 +0200
Subject: [PATCH] CVE-2025-5351 pki_crypto: Avoid double-free on low-memory
 conditions

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 src/pki_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index 0beee816..663e1441 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -1746,6 +1746,7 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
         bignum_safe_free(bn);
         bignum_safe_free(be);
         OSSL_PARAM_free(params);
+        params = NULL;
 #endif /* OPENSSL_VERSION_NUMBER */
         break;
     }
@@ -1998,6 +1999,7 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
         bignum_safe_free(bd);
         OSSL_PARAM_free(params);
+        params = NULL;
 #endif /* OPENSSL_VERSION_NUMBER */
         break;
     }