From 2dfa6aa1677dbf09b376c07b0624c96cabdc8015 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C5=8Dan?= <koan.bot@atoomic.org>
Date: Fri, 3 Apr 2026 05:32:03 -0600
Subject: [PATCH] fix: use THROW for make_rsa_obj result in
 _new_key_from_parameters()

Replace `if(RETVAL) goto end` with `THROW(RETVAL = make_rsa_obj(...))` so
that if make_rsa_obj ever returns NULL without croaking, error=1 is set
before jumping to err:, ensuring rsa is freed in the cleanup block.

The if(error) guard at err: was not coordinated with the if(RETVAL) guard,
leaving rsa leaked on a falsy-but-non-croak return. Not reachable today
since CHECK_NEW inside make_rsa_obj always croaks, but the control-flow
contract was fragile.

Fixes https://github.com/cpan-authors/Crypt-OpenSSL-RSA/issues/156

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 RSA.xs | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/RSA.xs b/RSA.xs
index c6e80af..847d0c7 100644
--- a/RSA.xs
+++ b/RSA.xs
@@ -799,9 +799,8 @@ _new_key_from_parameters(proto, n, e, d, p, q)
 #endif
     }
 
-    RETVAL = make_rsa_obj(proto, rsa);
-    if(RETVAL)
-        goto end;
+    THROW(RETVAL = make_rsa_obj(proto, rsa));
+    goto end;
 
     err:
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L