From 9ffc44a01f5029306c398612143a9075c93f205f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= <moisesguimaraesm@gmail.com>
Date: Tue, 8 Jul 2014 13:41:42 -0300
Subject: [PATCH] ecc_free should be called only upon ecc_import_x963 success.

---
 ctaocrypt/src/asn.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c
index 4bc5f9267..e7b4bd275 100644
--- a/ctaocrypt/src/asn.c
+++ b/ctaocrypt/src/asn.c
@@ -3056,16 +3056,18 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
             if (ecc_import_x963(key, keySz, pubKey) < 0) {
                 CYASSL_MSG("ASN Key import error ECC");
             }
-            else if (ecc_verify_hash(sig, sigSz, digest, digestSz, &verify,
+            else {   
+                if (ecc_verify_hash(sig, sigSz, digest, digestSz, &verify,
                                                                 pubKey) != 0) {
-                CYASSL_MSG("ECC verify hash error");
-            }
-            else if (1 != verify) {
-                CYASSL_MSG("ECC Verify didn't match");
-            } else
-                ret = 1; /* match */
+                    CYASSL_MSG("ECC verify hash error");
+                }
+                else if (1 != verify) {
+                    CYASSL_MSG("ECC Verify didn't match");
+                } else
+                    ret = 1; /* match */
 
-            ecc_free(pubKey);
+                ecc_free(pubKey);
+            }
 #ifdef CYASSL_SMALL_STACK
             XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 #endif