Don't leak memory if realloc fails.

RT#4403

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
diff --git a/apps/apps.c b/apps/apps.c
index 537d43a..c7e01b0 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -176,8 +176,6 @@
     if (arg->size == 0) {
         arg->size = 20;
         arg->argv = app_malloc(sizeof(*arg->argv) * arg->size, "argv space");
-        if (arg->argv == NULL)
-            return 0;
     }
 
     for (p = buf;;) {
@@ -189,11 +187,12 @@
 
         /* The start of something good :-) */
         if (arg->argc >= arg->size) {
+            char **tmp;
             arg->size += 20;
-            arg->argv = OPENSSL_realloc(arg->argv,
-                                        sizeof(*arg->argv) * arg->size);
-            if (arg->argv == NULL)
+            tmp = OPENSSL_realloc(arg->argv, sizeof(*arg->argv) * arg->size);
+            if (tmp == NULL)
                 return 0;
+            arg->argv = tmp;
         }
         quoted = *p == '\'' || *p == '"';
         if (quoted)
diff --git a/apps/engine.c b/apps/engine.c
index b60bfbc..3b395b1 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -107,13 +107,17 @@
     }
 
     if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
+        char *tmp;
         *size += 256;
-        *buf = OPENSSL_realloc(*buf, *size);
+        tmp = OPENSSL_realloc(*buf, *size);
+        if (tmp == NULL) {
+            OPENSSL_free(*buf);
+            *buf = NULL;
+            return 0;
+        }
+        *buf = tmp;
     }
 
-    if (*buf == NULL)
-        return 0;
-
     if (**buf != '\0')
         OPENSSL_strlcat(*buf, ", ", *size);
     OPENSSL_strlcat(*buf, s, *size);