evp: address a use after free state when using HMAC and MD copy.

author Pauli <pauli@openssl.org>

Mon, 13 Dec 2021 01:16:18 +0000 (12:16 +1100)

committer Pauli <pauli@openssl.org>

Fri, 17 Dec 2021 03:41:21 +0000 (14:41 +1100)
author Pauli <pauli@openssl.org>
Mon, 13 Dec 2021 01:16:18 +0000 (12:16 +1100)
committer Pauli <pauli@openssl.org>
Fri, 17 Dec 2021 03:41:21 +0000 (14:41 +1100)
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c

index d3a28fa3515f701eee6c6fc3b7274621e0d1896c..d92059cbccb0369d1928a1af6ff7288bb59cf285 100644 (file)
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -520,7 +520,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
          if (out->fetched_digest != NULL)
              EVP_MD_free(out->fetched_digest);
          *out = *in;
-        return 1;
+        goto clone_pkey;
      }
  
      if (in->digest->prov == NULL
@@ -551,6 +551,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
          }
      }
  
+ clone_pkey:
      /* copied EVP_MD_CTX should free the copied EVP_PKEY_CTX */
      EVP_MD_CTX_clear_flags(out, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
  #ifndef FIPS_MODULE
author	Pauli <pauli@openssl.org>
	Mon, 13 Dec 2021 01:16:18 +0000 (12:16 +1100)
committer	Pauli <pauli@openssl.org>
	Fri, 17 Dec 2021 03:41:21 +0000 (14:41 +1100)