From: Matt Caswell <matt@openssl.org>
Date: Fri, 11 Aug 2023 10:22:02 +0000 (+0100)
Subject: Fix a leak in an error path in OSSL_DECODER_CTX_new_for_pkey()
X-Git-Tag: openssl-3.2.0-alpha1~209
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3d254b31344e82b8f10fda8bab196757a377eb63;p=thirdparty%2Fopenssl.git

Fix a leak in an error path in OSSL_DECODER_CTX_new_for_pkey()

Found via the reproducible error injection in #21668

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21723)
---

diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c
index d00ec75bead..acb061c26ab 100644
--- a/crypto/encode_decode/decoder_pkey.c
+++ b/crypto/encode_decode/decoder_pkey.c
@@ -835,12 +835,18 @@ OSSL_DECODER_CTX_new_for_pkey(EVP_PKEY **pkey,
         newcache->template = ctx;
 
         if (!CRYPTO_THREAD_write_lock(cache->lock)) {
+            ctx = NULL;
             ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_CRYPTO_LIB);
-            return NULL;
+            goto err;
         }
         res = lh_DECODER_CACHE_ENTRY_retrieve(cache->hashtable, &cacheent);
         if (res == NULL) {
-            lh_DECODER_CACHE_ENTRY_insert(cache->hashtable, newcache);
+            (void)lh_DECODER_CACHE_ENTRY_insert(cache->hashtable, newcache);
+            if (lh_DECODER_CACHE_ENTRY_error(cache->hashtable)) {
+                ctx = NULL;
+                ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_CRYPTO_LIB);
+                goto err;
+            }
         } else {
             /*
              * We raced with another thread to construct this and lost. Free