If ain == NULL then a points to newly malloced memory which should be freed when BN_bin2bn() fails.
ok? Index: bn/bn_mpi.c =================================================================== RCS file: /cvs/src/lib/libcrypto/bn/bn_mpi.c,v retrieving revision 1.8 diff -u -p -r1.8 bn_mpi.c --- bn/bn_mpi.c 29 Jan 2017 17:49:22 -0000 1.8 +++ bn/bn_mpi.c 8 Nov 2022 17:30:33 -0000 @@ -121,8 +121,11 @@ BN_mpi2bn(const unsigned char *d, int n, d += 4; if ((*d) & 0x80) neg = 1; - if (BN_bin2bn(d, (int)len, a) == NULL) + if (BN_bin2bn(d, (int)len, a) == NULL) { + if (ain == NULL) + BN_free(a); return (NULL); + } a->neg = neg; if (neg) { BN_clear_bit(a, BN_num_bits(a) - 1);