From 8a8183474c41bd6cebaa917346b549af2239ba2f Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Fri, 4 Jan 2019 03:23:00 +0000
Subject: [PATCH 148/294] upstream: fix memory leak of ciphercontext when
 rekeying; bz#2942

Patch from Markus Schmidt; ok markus@

OpenBSD-Commit-ID: 7877f1b82e249986f1ef98d0ae76ce987d332bdd
---
 packet.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packet.c b/packet.c
index 89063f2..046e03f 100644
--- a/packet.c
+++ b/packet.c
@@ -874,8 +874,6 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 		   (unsigned long long)state->p_send.bytes,
 		   (unsigned long long)state->p_send.blocks);
 		audit_session_key_free(mode);
-		cipher_free(*ccp);
-		*ccp = NULL;
 		kex_free_newkeys(state->newkeys[mode]);
 		state->newkeys[mode] = NULL;
 	}
@@ -894,6 +892,8 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 	}
 	mac->enabled = 1;
 	DBG(debug("cipher_init_context: %d", mode));
+	cipher_free(*ccp);
+	*ccp = NULL;
 	if ((r = cipher_init(ccp, enc->cipher, enc->key, enc->key_len,
 	    enc->iv, enc->iv_len, crypt_type)) != 0)
 		return r;
-- 
1.8.3.1