_gnutls_get_asn_mpis() will release any data on failure

Resolves #15

2 files changed, 5 insertions, 4 deletions

diff --git a/lib/x509/key_decode.c b/lib/x509/key_decode.c
index 89ca157ed2..e852d2b3ac 100644
--- a/lib/x509/key_decode.c
+++ b/lib/x509/key_decode.c
@@ -204,7 +204,6 @@ _gnutls_x509_read_ecc_params(uint8_t * der, int dersize,
 		goto cleanup;
 	}
 
-	/* Read curve */
 	/* read the curve */
 	oid_size = sizeof(oid);
 	ret = asn1_read_value(spk, "namedCurve", oid, &oid_size);
diff --git a/lib/x509/mpi.c b/lib/x509/mpi.c
index e5b9dddf8b..87f885fd16 100644
--- a/lib/x509/mpi.c
+++ b/lib/x509/mpi.c
@@ -117,7 +117,6 @@ _gnutls_get_asn_mpis(ASN1_TYPE asn, const char *root,
 	 * then the issuer's parameters should be used. This is not
 	 * done yet.
 	 */
-
 	if (pk_algorithm != GNUTLS_PK_RSA) {	/* RSA doesn't use parameters */
 		result = _gnutls_x509_read_value(asn, name, &tmp);
 		if (result < 0) {
@@ -125,10 +124,11 @@ _gnutls_get_asn_mpis(ASN1_TYPE asn, const char *root,
 			goto error;
 		}
 
-		if ((result =
+		result =
 		     _gnutls_x509_read_pubkey_params(pk_algorithm,
 						     tmp.data, tmp.size,
-						     params)) < 0) {
+						     params);
+		if (result < 0) {
 			gnutls_assert();
 			goto error;
 		}
@@ -137,6 +137,8 @@ _gnutls_get_asn_mpis(ASN1_TYPE asn, const char *root,
 	result = 0;
 
       error:
+	if (result < 0)
+		gnutls_pk_params_release(params);
 	_gnutls_free_datum(&tmp);
 	return result;
 }