RESOURCE_LEAK in method STACK_OF(TRUST_TOKEN) *voprf_unblind before return 0

Change-Id: I4288988f3742f14b15f80a3023b716392a667631
Signed-off-by: wangjiale3 <wangjiale3@xiaomi.corp-partner.google.com>
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/58485
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>

crypto/trust_token/voprf.c

diff --git a/crypto/trust_token/voprf.c b/crypto/trust_token/voprf.c
index adf02a7..49a324e 100644
--- a/crypto/trust_token/voprf.c
+++ b/crypto/trust_token/voprf.c
@@ -563,25 +563,23 @@
     return NULL;
   }
 
-  int ok = 0;
-  STACK_OF(TRUST_TOKEN) *ret = sk_TRUST_TOKEN_new_null();
-  if (ret == NULL) {
-    return NULL;
-  }
-
   if (count > ((size_t)-1) / sizeof(EC_RAW_POINT) ||
       count > ((size_t)-1) / sizeof(EC_SCALAR)) {
     OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_OVERFLOW);
-    return 0;
+    return NULL;
   }
+
+  int ok = 0;
+  STACK_OF(TRUST_TOKEN) *ret = sk_TRUST_TOKEN_new_null();
   EC_RAW_POINT *BTs = OPENSSL_malloc(count * sizeof(EC_RAW_POINT));
   EC_RAW_POINT *Zs = OPENSSL_malloc(count * sizeof(EC_RAW_POINT));
   EC_SCALAR *es = OPENSSL_malloc(count * sizeof(EC_SCALAR));
   CBB batch_cbb;
   CBB_zero(&batch_cbb);
-  if (!BTs ||
-      !Zs ||
-      !es ||
+  if (ret == NULL ||
+      BTs == NULL ||
+      Zs == NULL ||
+      es == NULL ||
       !CBB_init(&batch_cbb, 0) ||
       !cbb_add_point(&batch_cbb, method->group, &key->pubs)) {
     goto err;