dh: harden error handling in 'ssh_dh_init_common'

Harden the error path in 'ssh_dh_init_common' such that
all potential allocations are free'd upon exit.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

src/dh.c

@@ -350,6 +350,9 @@ int ssh_dh_init_common(ssh_session session){
         break;
     }
     if (crypto->x == NULL || crypto->y == NULL || crypto->k == NULL){
+        bignum_safe_free(crypto->k);
+        bignum_safe_free(crypto->y);
+        bignum_safe_free(crypto->x);
         ssh_set_error_oom(session);
         return SSH_ERROR;
     } else {