From 6f2573a07a68c79adc483bdbc2f112af2e07268c Mon Sep 17 00:00:00 2001
From: Arne Schwabe <arne@rfc2549.org>
Date: Thu, 1 Jun 2023 11:52:34 +0200
Subject: [PATCH] Fix use-after-free with EVP_CIPHER_free

In many scenerios the context will still have a reference to the cipher, so
this use-after-free does not explode but it is still wrong.

Change-Id: I59002d6613eaef36d5a47b20b56073e399cfa1df
---
 src/openvpn/crypto_openssl.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index d6916fc9b..b8088df04 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -858,6 +858,7 @@ cipher_ctx_init(EVP_CIPHER_CTX *ctx, const uint8_t *key,
     EVP_CIPHER_free(kt);
 }
 
+
 int
 cipher_ctx_iv_length(const EVP_CIPHER_CTX *ctx)
 {