From 8041377799bd20ef86ea0da7981e7a0354176f8f Mon Sep 17 00:00:00 2001
From: Simon Tatham <anakin@pobox.com>
Date: Sun, 4 Aug 2013 19:33:43 +0000
Subject: [PATCH] Sanitise freeing of DSA keys.

[originally from svn r9984]
---
 sshdss.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/sshdss.c b/sshdss.c
index 6487d75a..8c9f93e3 100644
--- a/sshdss.c
+++ b/sshdss.c
@@ -111,6 +111,7 @@ static void *dss_newkey(char *data, int len)
     dss->q = getmp(&data, &len);
     dss->g = getmp(&data, &len);
     dss->y = getmp(&data, &len);
+    dss->x = NULL;
 
     return dss;
 }
@@ -118,10 +119,16 @@ static void *dss_newkey(char *data, int len)
 static void dss_freekey(void *key)
 {
     struct dss_key *dss = (struct dss_key *) key;
-    freebn(dss->p);
-    freebn(dss->q);
-    freebn(dss->g);
-    freebn(dss->y);
+    if (dss->p)
+        freebn(dss->p);
+    if (dss->q)
+        freebn(dss->q);
+    if (dss->g)
+        freebn(dss->g);
+    if (dss->y)
+        freebn(dss->y);
+    if (dss->x)
+        freebn(dss->x);
     sfree(dss);
 }