--- a/rsa.c	Sun Aug 08 16:57:37 2004 +0000
+++ b/rsa.c	Sun Sep 12 04:56:50 2004 +0000
@@ -201,7 +201,8 @@
 		unsigned int len) {
 
 	unsigned int slen;
-	mp_int rsa_s, rsa_mdash;
+	DEF_MP_INT(rsa_s);
+	DEF_MP_INT(rsa_mdash);
 	mp_int *rsa_em = NULL;
 	int ret = DROPBEAR_FAILURE;
 
@@ -244,8 +245,11 @@
 	}
 
 out:
-	mp_clear_multi(rsa_em, &rsa_mdash, &rsa_s, NULL);
-	m_free(rsa_em);
+	if (rsa_em) {
+		mp_clear(rsa_em);
+		m_free(rsa_em);
+	}
+	mp_clear_multi(&rsa_mdash, &rsa_s, NULL);
 	TRACE(("leave buf_rsa_verify: ret %d", ret));
 	return ret;
 
@@ -259,16 +263,17 @@
 
 	unsigned int nsize, ssize;
 	unsigned int i;
-	mp_int rsa_s;
-	mp_int *rsa_em;
+	DEF_MP_INT(rsa_s);
+	mp_int *rsa_em = NULL;
 	
 	TRACE(("enter buf_put_rsa_sign"));
 	assert(key != NULL);
 
 	rsa_em = rsa_pad_em(key, data, len);
 
+	m_mp_init(&rsa_s);
+
 	/* the actual signing of the padded data */
-	m_mp_init(&rsa_s);
 	/* s = em^d mod n */
 	if (mp_exptmod(rsa_em, key->d, key->n, &rsa_s) != MP_OKAY) {
 		dropbear_exit("rsa error");
@@ -322,10 +327,10 @@
 		{0x00, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 
 		 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14};
 #define RSA_ASN1_MAGIC_LEN 16
-	buffer * rsa_EM;
+	buffer * rsa_EM = NULL;
 	hash_state hs;
 	unsigned int nsize;
-	mp_int * rsa_em;
+	mp_int * rsa_em = NULL;
 	
 	assert(key != NULL);
 	assert(data != NULL);