Hi,

We noticed the following inconsistency that might lead to memory leak:

OPENSSL_free(dukm); is called in the case of error here:

https://github.com/openssl/openssl/blob/master/crypto/dh/dh_ameth.c#L814

While it is missed in dh_cms_encrypt function here:

https://github.com/openssl/openssl/blob/master/crypto/dh/dh_ameth.c#L976

Yep, looks like a bug to me.