[2.7] bpo-36179: Fix ref leaks in _hashopenssl (GH-12158) (GH-12166)

Fix two unlikely reference leaks in _hashopenssl. The leaks only occur in
out-of-memory cases. Thanks to Charalampos Stratakis.
Signed-off-by: Christian Heimes <christian@python.org>

https://bugs.python.org/issue36179.
(cherry picked from commit b7bc283a)
Co-authored-by: Christian Heimes <christian@python.org>



https://bugs.python.org/issue36179

Misc/NEWS.d/next/Library/2019-03-04-10-42-46.bpo-36179.jEyuI-.rst

+Fix two unlikely reference leaks in _hashopenssl. The leaks only occur in
+out-of-memory cases.

Modules/_hashopenssl.c

@@ -133,12 +133,6 @@ newEVPobject(PyObject *name)
     if (retval == NULL)
         return NULL;
 
-    retval->ctx = EVP_MD_CTX_new();
-    if (retval->ctx == NULL) {
-        PyErr_NoMemory();
-        return NULL;
-    }
-
     /* save the name for .name to return */
     Py_INCREF(name);
     retval->name = name;
@@ -146,6 +140,13 @@ newEVPobject(PyObject *name)
     retval->lock = NULL;
 #endif
 
+    retval->ctx = EVP_MD_CTX_new();
+    if (retval->ctx == NULL) {
+        Py_DECREF(retval);
+        PyErr_NoMemory();
+        return NULL;
+    }
+
     return retval;
 }
 
@@ -205,6 +206,7 @@ EVP_copy(EVPobject *self, PyObject *unused)
         return NULL;
 
     if (!locked_EVP_MD_CTX_copy(newobj->ctx, self)) {
+        Py_DECREF(newobj);
         return _setException(PyExc_ValueError);
     }
     return (PyObject *)newobj;