From e11cb70003e3fb3398bc641439740bb83f5de8f0 Mon Sep 17 00:00:00 2001
From: green
Date: Tue, 17 Mar 2026 14:33:12 +0100
Subject: fix: memory leak and oob read in "adduser"

---
 xs_openssl.h | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/xs_openssl.h b/xs_openssl.h
index 64b59dd..4bc14d2 100644
--- a/xs_openssl.h
+++ b/xs_openssl.h
@@ -38,7 +38,7 @@ xs_str *xs_base64_enc(const xs_val *data, int sz)
 {
     BIO *mem, *b64;
     BUF_MEM *bptr;
- 
+
     b64 = BIO_new(BIO_f_base64());
     mem = BIO_new(BIO_s_mem());
     b64 = BIO_push(b64, mem);
@@ -118,7 +118,7 @@ xs_dict *xs_evp_genkey(int bits)
 /* generates an RSA keypair using the EVP interface */
 {
     xs_dict *keypair = NULL;
-    EVP_PKEY_CTX *ctx;
+    EVP_PKEY_CTX *ctx = NULL;
     EVP_PKEY *pkey = NULL;
 
     if ((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL)
@@ -142,12 +142,17 @@ xs_dict *xs_evp_genkey(int bits)
 
     keypair = xs_dict_new();
 
-    keypair = xs_dict_append(keypair, "secret", sptr->data);
-    keypair = xs_dict_append(keypair, "public", pptr->data);
+    xs *secret = xs_str_new_sz(sptr->data, sptr->length);
+    xs *public = xs_str_new_sz(pptr->data, pptr->length);
+    keypair = xs_dict_append(keypair, "secret", secret);
+    keypair = xs_dict_append(keypair, "public", public);
 
     BIO_free(bs);
     BIO_free(bp);
 
+    EVP_PKEY_free(pkey);
+    EVP_PKEY_CTX_free(ctx);
+
 end:
     return keypair;
 }
-- 
cgit v1.2.3