From: slontis <shane.lontis@oracle.com>
Date: Thu, 2 Sep 2021 06:49:37 +0000 (+1000)
Subject: Fix dh dupctx refcount error
X-Git-Tag: openssl-3.2.0-alpha1~3607
X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fopenssl.git;a=commitdiff_plain;h=21a0d9f3edda78d27d12cd7704de9e32976393ba

Fix dh dupctx refcount error

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16495)
---

diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c
index 1dffc8d112..ea05b3177e 100644
--- a/providers/implementations/exchange/dh_exch.c
+++ b/providers/implementations/exchange/dh_exch.c
@@ -238,7 +238,6 @@ static int dh_derive(void *vpdhctx, unsigned char *secret,
     return 0;
 }
 
-
 static void dh_freectx(void *vpdhctx)
 {
     PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
@@ -271,12 +270,12 @@ static void *dh_dupctx(void *vpdhctx)
     dstctx->kdf_ukm = NULL;
     dstctx->kdf_cekalg = NULL;
 
-    if (dstctx->dh != NULL && !DH_up_ref(srcctx->dh))
+    if (srcctx->dh != NULL && !DH_up_ref(srcctx->dh))
         goto err;
     else
         dstctx->dh = srcctx->dh;
 
-    if (dstctx->dhpeer != NULL && !DH_up_ref(srcctx->dhpeer))
+    if (srcctx->dhpeer != NULL && !DH_up_ref(srcctx->dhpeer))
         goto err;
     else
         dstctx->dhpeer = srcctx->dhpeer;
diff --git a/test/evp_test.c b/test/evp_test.c
index 075abc5ad9..eda8c827f9 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1848,11 +1848,17 @@ static int pderive_test_parse(EVP_TEST *t,
 
 static int pderive_test_run(EVP_TEST *t)
 {
+    EVP_PKEY_CTX *dctx = NULL;
     PKEY_DATA *expected = t->data;
     unsigned char *got = NULL;
     size_t got_len;
 
-    if (EVP_PKEY_derive(expected->ctx, NULL, &got_len) <= 0) {
+    if (!TEST_ptr(dctx = EVP_PKEY_CTX_dup(expected->ctx))) {
+        t->err = "DERIVE_ERROR";
+        goto err;
+    }
+
+    if (EVP_PKEY_derive(dctx, NULL, &got_len) <= 0) {
         t->err = "DERIVE_ERROR";
         goto err;
     }
@@ -1860,7 +1866,7 @@ static int pderive_test_run(EVP_TEST *t)
         t->err = "DERIVE_ERROR";
         goto err;
     }
-    if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) {
+    if (EVP_PKEY_derive(dctx, got, &got_len) <= 0) {
         t->err = "DERIVE_ERROR";
         goto err;
     }
@@ -1872,6 +1878,7 @@ static int pderive_test_run(EVP_TEST *t)
     t->err = NULL;
  err:
     OPENSSL_free(got);
+    EVP_PKEY_CTX_free(dctx);
     return 1;
 }