git.ipfire.org Git - thirdparty/openssl.git/commit

author	Weidong Wang <kenazcharisma@gmail.com>
	Fri, 20 Mar 2026 10:10:53 +0000 (05:10 -0500)
committer	Eugene Syromiatnikov <esyr@openssl.org>
	Sun, 26 Apr 2026 11:11:28 +0000 (13:11 +0200)
commit	aeea7dfaff4449f13a335ca2a3fbc87b8a4417bf
tree	e0d97d4532a0ee906d410505e65a189902ea9074	tree \| snapshot
parent	7fb28b9cd05ba89cbbe038dfa85804fe22bc146a	commit \| diff

Fix double-free in mlx_kem_dup() default case

Null mkey/xkey immediately after OPENSSL_memdup() so that any failure
path (including propq strdup) can safely call mlx_kem_key_free() without
risking a double-free on the source key's material. Use key->* rather
than ret->* for source-state checks to make ownership explicit.

Test that mlx_kem_dup() with partial key selection (e.g.
EVP_PKEY_PUBLIC_KEY) does not corrupt the original key's mkey/xkey
sub-objects. Covers X25519MLKEM768, SecP256r1MLKEM768,
and SecP384r1MLKEM1024.

Fixes: 4b1c73d2dd74 "ML-KEM hybrids for TLS"
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
MergeDate: Sun Apr 26 11:14:12 2026
(Merged from https://github.com/openssl/openssl/pull/30511)

providers/implementations/keymgmt/mlx_kmgmt.c		diff \| blob \| blame \| history
test/ml_kem_evp_extra_test.c		diff \| blob \| blame \| history