From da16622da621eb4d74f047e8ac376d701782007b Mon Sep 17 00:00:00 2001
From: Boris Pozdnyakov <boris.a.pozdnyakov@ringcentral.com>
Date: Thu, 18 Jan 2024 15:47:43 +0400
Subject: [PATCH] fix setup_dh() double free

---
 c_src/fast_tls.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/c_src/fast_tls.c b/c_src/fast_tls.c
index 28a7499..906225b 100644
--- a/c_src/fast_tls.c
+++ b/c_src/fast_tls.c
@@ -415,6 +415,7 @@ static int setup_dh(SSL_CTX *ctx, const unsigned char *dh_der, size_t dh_size, c
         if (EVP_PKEY_fromdata_init(pctx) <= 0 ||
             EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) {
             EVP_PKEY_CTX_free(pctx);
+            return 0;
         }
         if (SSL_CTX_set0_tmp_dh_pkey(ctx, pkey) != 1) {
             EVP_PKEY_free(pkey);