From ae0a23165073eecbcc8de9c1bcd2e45666ac7d2c Mon Sep 17 00:00:00 2001
From: Lars Nordin <Lars.Nordin@LNdata.se>
Date: Wed, 14 Jan 2026 21:23:52 +0100
Subject: [PATCH] kex: missing `free()` when random data cannot be generated
 (#1780)

If random cannot be generated the allocated data must be freed.
---
 src/kex.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/kex.c b/src/kex.c
index 814a6dc0..ba2381c8 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -3382,6 +3382,7 @@ static int kexinit(LIBSSH2_SESSION * session)
         *(s++) = SSH_MSG_KEXINIT;
 
         if(_libssh2_random(s, 16)) {
+            LIBSSH2_FREE(session, data);
             return _libssh2_error(session, LIBSSH2_ERROR_RANDGEN,
                                   "Unable to get random bytes "
                                   "for KEXINIT cookie");