get_cert_by_subject_ex(): Check result of X509_STORE_lock()

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21515)

diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 5d505921497ad11ee95093802b61a25e26a74ef2..bb683a7795f8620b16891c8af9795577d5ea2f70 100644 (file)
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -348,7 +348,8 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
          *       sorted and sorting the would result in O(n^2 log n) complexity.
          */
         if (k > 0) {
-            X509_STORE_lock(xl->store_ctx);
+            if (!X509_STORE_lock(xl->store_ctx))
+                goto finish;
             j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp);
             tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j);
             X509_STORE_unlock(xl->store_ctx);
@@ -420,9 +421,10 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
  finish:
     /* If we changed anything, resort the objects for faster lookup */
     if (!sk_X509_OBJECT_is_sorted(xl->store_ctx->objs)) {
-        X509_STORE_lock(xl->store_ctx);
-        sk_X509_OBJECT_sort(xl->store_ctx->objs);
-        X509_STORE_unlock(xl->store_ctx);
+        if (X509_STORE_lock(xl->store_ctx)) {
+            sk_X509_OBJECT_sort(xl->store_ctx->objs);
+            X509_STORE_unlock(xl->store_ctx);
+        }
     }
 
     BUF_MEM_free(b);