context_init: Fix cleanup in error handling

Also never use OSSL_LIB_CTX_free() on incompletely initialized context.

Fixes #17291

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17294)

diff --git a/crypto/context.c b/crypto/context.c
index bba8e4208b1a0b436282456256ffee6d44f6a719..a05009a3efc83099b75438b73df9ec675ebecab6 100644 (file)
--- a/crypto/context.c
+++ b/crypto/context.c
@@ -93,10 +93,8 @@ static int context_init(OSSL_LIB_CTX *ctx)
     exdata_done = 1;
 
     if (!ossl_crypto_new_ex_data_ex(ctx, CRYPTO_EX_INDEX_OSSL_LIB_CTX, NULL,
-                                    &ctx->data)) {
-        ossl_crypto_cleanup_all_ex_data_int(ctx);
+                                    &ctx->data))
         goto err;
-    }
 
     /* Everything depends on properties, so we also pre-initialise that */
     if (!ossl_property_parse_init(ctx))
@@ -106,9 +104,11 @@ static int context_init(OSSL_LIB_CTX *ctx)
  err:
     if (exdata_done)
         ossl_crypto_cleanup_all_ex_data_int(ctx);
+    for (i = 0; i < OSSL_LIB_CTX_MAX_INDEXES; i++)
+        CRYPTO_THREAD_lock_free(ctx->index_locks[i]);
     CRYPTO_THREAD_lock_free(ctx->oncelock);
     CRYPTO_THREAD_lock_free(ctx->lock);
-    ctx->lock = NULL;
+    memset(ctx, '\0', sizeof(*ctx));
     return 0;
 }
 
@@ -189,7 +189,7 @@ OSSL_LIB_CTX *OSSL_LIB_CTX_new(void)
     OSSL_LIB_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
 
     if (ctx != NULL && !context_init(ctx)) {
-        OSSL_LIB_CTX_free(ctx);
+        OPENSSL_free(ctx);
         ctx = NULL;
     }
     return ctx;