From: Pauli <ppzgs1@gmail.com>
Date: Mon, 8 Feb 2021 00:54:52 +0000 (+1000)
Subject: EVP: fix reference counting for digest operations.
X-Git-Tag: openssl-3.0.0-alpha12~70
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=31f7ff37b403f5ed50cf2e1e828a2e63576dac58;p=thirdparty%2Fopenssl.git

EVP: fix reference counting for digest operations.

The reference count wasn't being incremented but the EVP_MD pointer was being
held.  In a no cache build, this resulted in a failure on update in some
circumstances.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14126)
---

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 40aedae47b8..3dfcfcda8e9 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -235,8 +235,10 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 #else
         EVP_MD *provmd = EVP_MD_fetch(NULL, OBJ_nid2sn(type->type), "");
 
-        if (provmd == NULL)
+        if (provmd == NULL) {
+            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
             return 0;
+        }
         type = provmd;
         EVP_MD_free(ctx->fetched_digest);
         ctx->fetched_digest = provmd;
@@ -248,6 +250,14 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
             ctx->digest->freectx(ctx->provctx);
         ctx->provctx = NULL;
     }
+    if (type->prov != NULL && ctx->fetched_digest != type) {
+        if (!EVP_MD_up_ref((EVP_MD *)type)) {
+            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
+            return 0;
+        }
+        EVP_MD_free(ctx->fetched_digest);
+        ctx->fetched_digest = (EVP_MD *)type;
+    }
     ctx->digest = type;
     if (ctx->provctx == NULL) {
         ctx->provctx = ctx->digest->newctx(ossl_provider_ctx(type->prov));