From fd28a1651988408d0fbc03ba8963eb19329e9474 Mon Sep 17 00:00:00 2001
From: Nora Dossche <7771979+ndossche@users.noreply.github.com>
Date: Fri, 17 Apr 2026 08:03:49 +0200
Subject: [PATCH] pkey: fix memory leak when derived key is too large

Unlikely to happen in practice, but mirrors other similar checks that
also free the context.
---
 ext/openssl/ossl_pkey.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c
index d2fd5b29c..a53332b17 100644
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@@ -1496,8 +1496,10 @@ ossl_pkey_derive(int argc, VALUE *argv, VALUE self)
         EVP_PKEY_CTX_free(ctx);
         ossl_raise(ePKeyError, "EVP_PKEY_derive");
     }
-    if (keylen > LONG_MAX)
+    if (keylen > LONG_MAX) {
+        EVP_PKEY_CTX_free(ctx);
         rb_raise(ePKeyError, "derived key would be too large");
+    }
     str = ossl_str_new(NULL, (long)keylen, &state);
     if (state) {
         EVP_PKEY_CTX_free(ctx);