CRYPTO_secure_used(), CRYPTO_secure_actual_size(): Check for NULL rwlock

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28749)

diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
index 5eb105de5f3604574d9d540048fca098899a142e..b9eb541bf2639bab6f0958db54165f570820c1e2 100644 (file)
--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@@ -263,6 +263,8 @@ size_t CRYPTO_secure_used(void)
     size_t ret = 0;
 
 #ifndef OPENSSL_NO_SECURE_MEMORY
+    if (!secure_mem_initialized)
+        return 0;
     if (!CRYPTO_THREAD_read_lock(sec_malloc_lock))
         return 0;
 
@@ -278,6 +280,8 @@ size_t CRYPTO_secure_actual_size(void *ptr)
 #ifndef OPENSSL_NO_SECURE_MEMORY
     size_t actual_size;
 
+    if (!secure_mem_initialized)
+        return 0;
     if (!CRYPTO_THREAD_read_lock(sec_malloc_lock))
         return 0;
     actual_size = sh_actual_size(ptr);