ossl_provider_set_module_path: Prevent potential UAF

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15680)

diff --git a/crypto/provider_core.c b/crypto/provider_core.c
index 30fa44d789a0f054ef54be37a7e28be6776e0a41..c6a8fa3f2693954cd9a56c8040ff8617678cc952 100644 (file)
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
@@ -483,6 +483,7 @@ void ossl_provider_free(OSSL_PROVIDER *prov)
 int ossl_provider_set_module_path(OSSL_PROVIDER *prov, const char *module_path)
 {
     OPENSSL_free(prov->path);
+    prov->path = NULL;
     if (module_path == NULL)
         return 1;
     if ((prov->path = OPENSSL_strdup(module_path)) != NULL)