openssl/openssl-1.0.1k-cve-2015-0209.patch

diff -up openssl-1.0.1k/crypto/ec/ec_asn1.c.use-after-free openssl-1.0.1k/crypto/ec/ec_asn1.c
--- openssl-1.0.1k/crypto/ec/ec_asn1.c.use-after-free	2014-10-15 15:49:54.000000000 +0200
+++ openssl-1.0.1k/crypto/ec/ec_asn1.c	2015-03-19 17:28:03.349627040 +0100
@@ -1142,8 +1142,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con
                                  ERR_R_MALLOC_FAILURE);
 			goto err;
 			}
-		if (a)
-			*a = ret;
 		}
 	else
 		ret = *a;
@@ -1225,11 +1223,13 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con
 		ret->enc_flag |= EC_PKEY_NO_PUBKEY;
 		}
 
+	if (a)
+		*a = ret;
 	ok = 1;
 err:
 	if (!ok)
 		{
-		if (ret)
+		if (ret && (a == NULL || *a != ret))
 			EC_KEY_free(ret);
 		ret = NULL;
 		}