From: Neil Horman <nhorman@openssl.org>
Date: Wed, 22 Nov 2023 19:20:39 +0000 (-0500)
Subject: Add locking to CRYPTO_secure_used
X-Git-Tag: openssl-3.3.0-alpha1~543
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7eae6ee0e503b0961d4f2e75baac981f2766b892;p=thirdparty%2Fopenssl.git

Add locking to CRYPTO_secure_used

Coverity issue 1551719 noted CRYPTO_secure_used referenced a shared
variable without taking the appropriate read lock.  Add that.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/22802)
---

diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
index 557c697c9aa..269c7dcb6d4 100644
--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@@ -260,11 +260,17 @@ int CRYPTO_secure_allocated(const void *ptr)
 
 size_t CRYPTO_secure_used(void)
 {
+    size_t ret = 0;
+
 #ifndef OPENSSL_NO_SECURE_MEMORY
-    return secure_mem_used;
-#else
-    return 0;
+    if (!CRYPTO_THREAD_read_lock(sec_malloc_lock))
+        return 0;
+
+    ret = secure_mem_used;
+
+    CRYPTO_THREAD_unlock(sec_malloc_lock);
 #endif /* OPENSSL_NO_SECURE_MEMORY */
+    return ret;
 }
 
 size_t CRYPTO_secure_actual_size(void *ptr)