From 497bcdbefbdf5578d6179dec2afe2c3aa2c99b79 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C5=8Dan?= <koan.bot@atoomic.org>
Date: Thu, 12 Mar 2026 22:51:42 -0600
Subject: [PATCH] fix: remove stale BUGS POD about generate_key() memory leak
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The "small memory leak when generating new keys of more than 512 bits"
note has been in the POD since v0.08 (2002). Empirical testing confirms
no leak exists: generating 1000 x 2048-bit keys shows flat RSS after
initial OpenSSL warm-up.

The original leak was likely in the pre-0.9.8 RSA_generate_key() code
path, where the BIGNUM exponent was allocated but never freed — fixed
here as well for completeness.
---
 RSA.pm | 4 ----
 RSA.xs | 1 +
 2 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/RSA.pm b/RSA.pm
index 420e36a..f7131a4 100644
--- a/RSA.pm
+++ b/RSA.pm
@@ -377,10 +377,6 @@ Return true if this is a private key, and false if it is public only.
 
 =back
 
-=head1 BUGS
-
-There is a small memory leak when generating new keys of more than 512 bits.
-
 =head1 AUTHOR
 
 Ian Robertson, C<iroberts@cpan.org>.  For support, please email
diff --git a/RSA.xs b/RSA.xs
index a3a6034..b2c03f9 100644
--- a/RSA.xs
+++ b/RSA.xs
@@ -511,6 +511,7 @@ generate_key(proto, bitsSV, exponent = 65537)
     BN_set_word(e, exponent);
 #if OPENSSL_VERSION_NUMBER < 0x00908000L
     rsa = RSA_generate_key(SvIV(bitsSV), exponent, NULL, NULL);
+    BN_free(e);
     CHECK_OPEN_SSL(rsa != NULL);
 #endif
 #if OPENSSL_VERSION_NUMBER >= 0x00908000L && OPENSSL_VERSION_NUMBER < 0x30000000L