Always check CRYPTO_LOCK_{read,write}_lock

[thirdparty/openssl.git] / providers / fips / self_test.c

diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c
index b20af1bd6c1fbca12bbec379e1954fc2b2fd2f8b..dbd744ff7ca8d065b41828cdf2834ab44a2f22bd 100644 (file)
--- a/providers/fips/self_test.c
+++ b/providers/fips/self_test.c
@@ -11,6 +11,7 @@
 #include <openssl/evp.h>
 #include <openssl/params.h>
 #include <openssl/crypto.h>
+#include <internal/cryptlib.h>
 #include <openssl/fipskey.h>
 #include <openssl/err.h>
 #include <openssl/proverr.h>
@@ -212,9 +213,10 @@ err:
 
 static void set_fips_state(int state)
 {
-    CRYPTO_THREAD_write_lock(fips_state_lock);
-    FIPS_state = state;
-    CRYPTO_THREAD_unlock(fips_state_lock);
+    if (ossl_assert(CRYPTO_THREAD_write_lock(fips_state_lock) != 0)) {
+        FIPS_state = state;
+        CRYPTO_THREAD_unlock(fips_state_lock);
+    }
 }
 
 /* This API is triggered either on loading of the FIPS module or on demand */
@@ -232,7 +234,8 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)
     if (!RUN_ONCE(&fips_self_test_init, do_fips_self_test_init))
         return 0;
 
-    CRYPTO_THREAD_read_lock(fips_state_lock);
+    if (!CRYPTO_THREAD_read_lock(fips_state_lock))
+        return 0;
     loclstate = FIPS_state;
     CRYPTO_THREAD_unlock(fips_state_lock);
 
@@ -244,8 +247,12 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)
         return 0;
     }
 
-    CRYPTO_THREAD_write_lock(self_test_lock);
-    CRYPTO_THREAD_read_lock(fips_state_lock);
+    if (!CRYPTO_THREAD_write_lock(self_test_lock))
+        return 0;
+    if (!CRYPTO_THREAD_read_lock(fips_state_lock)) {
+        CRYPTO_THREAD_unlock(self_test_lock);
+        return 0;
+    }
     if (FIPS_state == FIPS_STATE_RUNNING) {
         CRYPTO_THREAD_unlock(fips_state_lock);
         if (!on_demand_test) {