rsa_sig.c: Properly duplicate the sig member
authorTomas Mraz <tomas@openssl.org>
Wed, 21 Jan 2026 18:10:28 +0000 (19:10 +0100)
committerNorbert Pocs <norbertp@openssl.org>
Fri, 23 Jan 2026 10:40:21 +0000 (11:40 +0100)
Otherwise a use-after-free and a double free occur when the duplicate
is freed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
MergeDate: Fri Jan 23 10:40:29 2026
(Merged from https://github.com/openssl/openssl/pull/29707)

providers/implementations/signature/rsa_sig.c

index 825c61bf0d3fc0d1519a767f61bc45388086d8da..b53d0394898ca5aceef2a4959720f5c68be99886 100644 (file)
@@ -996,6 +996,7 @@ static void *rsa_dupctx(void *vprsactx)
     dstctx->mdctx = NULL;
     dstctx->tbuf = NULL;
     dstctx->propq = NULL;
+    dstctx->sig = NULL;
 
     if (srcctx->rsa != NULL && !RSA_up_ref(srcctx->rsa))
         goto err;
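Review bot: The run of pointer resets that `dstctx->sig = NULL;` joins has no comment saying why each owned member must be listed, and a missing entry for sig is exactly what this commit repairs. Presumably dstctx begins as a shallow copy of srcctx (the copy is above the hunk and not visible here), so any owned pointer left uncleared before the first `goto err` is released by rsa_freectx(dstctx) while srcctx still refers to it. I would add above the resets: `/* Clear every owned pointer copied from srcctx: rsa_freectx(dstctx) on the err path must never free the source's buffers. */`. rsa_dupctx starts and ends outside this hunk.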
@@ -1022,6 +1023,12 @@ static void *rsa_dupctx(void *vprsactx)
             goto err;
     }
 
+    if (srcctx->sig != NULL) {
+        dstctx->sig = OPENSSL_memdup(srcctx->sig, srcctx->siglen);
+        if (dstctx->sig == NULL)
+            goto err;
+    }
+
     return dstctx;
 err:
     rsa_freectx(dstctx);
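Review bot: The new `if (dstctx->sig == NULL) goto err;` treats every NULL from OPENSSL_memdup as an allocation failure, but as far as I know the OpenSSL allocator also returns NULL for a zero-byte request. If srcctx->sig can be non-NULL while srcctx->siglen is 0 (where sig is assigned is not visible in this hunk), duplicating such a context would fail even though nothing went wrong. Guarding on the length avoids that and still leaves dstctx->sig NULL: `if (srcctx->sig != NULL && srcctx->siglen > 0) {`. The copy also relies on dstctx->siglen already matching srcctx->siglen, which presumably comes from the struct copy earlier in rsa_dupctx, outside the hunk; a short comment saying so would help the next reader.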