rsa_sig.c: Properly duplicate the sig member
authorTomas Mraz <tomas@openssl.org>
Wed, 21 Jan 2026 18:10:28 +0000 (19:10 +0100)
committerNorbert Pocs <norbertp@openssl.org>
Fri, 23 Jan 2026 10:37:25 +0000 (11:37 +0100)
Otherwise a use-after-free and a double free occur when the
duplicate is freed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
MergeDate: Fri Jan 23 10:37:34 2026
(Merged from https://github.com/openssl/openssl/pull/29707)

providers/implementations/signature/rsa_sig.c

index c11b9daaed1524a990d04de9fe5d39e774db866d..96e631ae6c2baa7fa4bf0f0f18649a6400b7a497 100644 (file)
@@ -1347,6 +1347,7 @@ static void *rsa_dupctx(void *vprsactx)
     dstctx->mdctx = NULL;
     dstctx->tbuf = NULL;
     dstctx->propq = NULL;
+    dstctx->sig = NULL;
 
     if (srcctx->rsa != NULL && !RSA_up_ref(srcctx->rsa))
         goto err;
@@ -1373,6 +1374,12 @@ static void *rsa_dupctx(void *vprsactx)
             goto err;
     }
 
+    if (srcctx->sig != NULL) {
+        dstctx->sig = OPENSSL_memdup(srcctx->sig, srcctx->siglen);
+        if (dstctx->sig == NULL)
+            goto err;
+    }
+
     return dstctx;
 err:
     rsa_freectx(dstctx);
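Review bot: The new copy in the second hunk treats every NULL from `OPENSSL_memdup` as an allocation failure, so a source context holding a non-NULL `sig` with `siglen == 0` would make `rsa_dupctx` fail, assuming `OPENSSL_memdup` returns NULL for a zero length (to my knowledge it does, but confirm for this branch). Whether that state is reachable depends on how `sig` is set, which is outside the hunk; if it is, guard with `if (srcctx->sig != NULL && srcctx->siglen > 0) {`. The `dstctx->sig = NULL;` line in the first hunk would also benefit from a short comment such as `/* still srcctx's buffer here; reset so rsa_freectx(dstctx) on the err path cannot free it */`, since the reason it must precede the first `goto err` is not obvious. The body of `rsa_dupctx` begins before and ends after these hunks, so the initial copy of `siglen` into `dstctx` is assumed rather than seen.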