diff -up openssl-1.0.1e/crypto/dsa/dsa_ameth.c.dsa-doublefree openssl-1.0.1e/crypto/dsa/dsa_ameth.c
--- openssl-1.0.1e/crypto/dsa/dsa_ameth.c.dsa-doublefree	2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/dsa/dsa_ameth.c	2016-02-24 14:38:46.075165304 +0100
@@ -201,6 +201,8 @@ static int dsa_priv_decode(EVP_PKEY *pke
 	STACK_OF(ASN1_TYPE) *ndsa = NULL;
 	DSA *dsa = NULL;
 
+	int ret = 0;
+
 	if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
 		return 0;
 	X509_ALGOR_get0(NULL, &ptype, &pval, palg);
@@ -281,23 +283,21 @@ static int dsa_priv_decode(EVP_PKEY *pke
 		}
 
 	EVP_PKEY_assign_DSA(pkey, dsa);
-	BN_CTX_free (ctx);
-	if(ndsa)
-		sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-	else
-		ASN1_INTEGER_free(privkey);
 
-	return 1;
+	ret = 1;
+	goto done;
 
 	decerr:
 	DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
 	dsaerr:
-	BN_CTX_free (ctx);
-	if (privkey)
-		ASN1_INTEGER_free(privkey);
-	sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
 	DSA_free(dsa);
-	return 0;
+	done:
+	BN_CTX_free (ctx);
+	if (ndsa)
+		sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+	else
+		ASN1_INTEGER_free(privkey);
+	return ret;
 	}
 
 static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)