fips: set the library context and handle later

They need to be set once the provider will definitely be loading.  If they
are set earlier, a double free results on a failure.

Fixes #15452

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15492)

diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 580eea574f09c2b4820a05fd03ca21a262753959..4155b6419748b6bf0ba086f8fc095e6a3f7f8e5b 100644 (file)
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -663,8 +663,6 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle,
         OSSL_LIB_CTX_free(libctx);
         goto err;
     }
-    ossl_prov_ctx_set0_libctx(*provctx, libctx);
-    ossl_prov_ctx_set0_handle(*provctx, handle);
 
     if ((fgbl = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_FIPS_PROV_INDEX,
                                       &fips_prov_ossl_ctx_method)) == NULL)
@@ -707,6 +705,9 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle,
         goto err;
     }
 
+    ossl_prov_ctx_set0_libctx(*provctx, libctx);
+    ossl_prov_ctx_set0_handle(*provctx, handle);
+
     *out = fips_dispatch_table;
     return 1;
  err: