]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1d02ce4)
ossl_provider_add_to_store: Avoid use-after-free
authorTomas Mraz <tomas@openssl.org>
Thu, 16 Dec 2021 15:24:44 +0000 (16:24 +0100)
committerTomas Mraz <tomas@openssl.org>
Fri, 17 Dec 2021 16:45:53 +0000 (17:45 +0100)
Avoid freeing a provider that was not up-ref-ed before.

Fixes #17292

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17295)

(cherry picked from commit 33df7cbe5e38feb0cf962386bcac061c3743ecf2)

crypto/provider_core.c patch | blob | blame | history

diff --git a/crypto/provider_core.c b/crypto/provider_core.c
index cb4c07c781ac4ec0e871cfddf8e21b9e82962bd4..bc61239957a9a2cd466911389b398ea40878371a 100644 (file)
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
@@ -603,6 +603,9 @@ int ossl_provider_add_to_store(OSSL_PROVIDER *prov, OSSL_PROVIDER **actualprov,
     OSSL_PROVIDER tmpl = { 0, };
     OSSL_PROVIDER *actualtmp = NULL;
 
+    if (actualprov != NULL)
+        *actualprov = NULL;
+
     if ((store = get_provider_store(prov->libctx)) == NULL)
         return 0;
 
@@ -659,7 +662,7 @@ int ossl_provider_add_to_store(OSSL_PROVIDER *prov, OSSL_PROVIDER **actualprov,
  err:
     CRYPTO_THREAD_unlock(store->lock);
     if (actualprov != NULL)
-        ossl_provider_free(actualtmp);
+        ossl_provider_free(*actualprov);
     return 0;
 }
 
Mirror of https://github.com/openssl/openssl.git