From: Anton Moryakov Date: Wed, 27 Aug 2025 10:58:24 +0000 (+0300) Subject: keymgmt_from_algorithm(): Fix unchecked return of ossl_provider_up_ref X-Git-Tag: 4.0-PRE-CLANG-FORMAT-WEBKIT~111 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ba3caa56963640507391feec47e3cc1b7491509a;p=thirdparty%2Fopenssl.git keymgmt_from_algorithm(): Fix unchecked return of ossl_provider_up_ref The ossl_provider_up_ref() call in keymgmt_from_algorithm() was not checking its return value, unlike other similar calls in the codebase. This could lead to inconsistent reference counting if the up-ref failed. Now the return value is checked, and if the up-ref fails, the keymgmt is freed and an error is raised, ensuring consistent cleanup. Signed-off-by: Anton Moryakov Reviewed-by: Norbert Pocs Reviewed-by: Paul Dale Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/28353) --- diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c index f57153b2c1a..7efab623270 100644 --- a/crypto/evp/keymgmt_meth.c +++ b/crypto/evp/keymgmt_meth.c @@ -261,8 +261,11 @@ static void *keymgmt_from_algorithm(int name_id, return NULL; } keymgmt->prov = prov; - if (prov != NULL) - ossl_provider_up_ref(prov); + if (prov != NULL && !ossl_provider_up_ref(prov)) { + EVP_KEYMGMT_free(keymgmt); + ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); + return NULL; + } #ifndef FIPS_MODULE keymgmt->legacy_alg = get_legacy_alg_type_from_keymgmt(keymgmt);
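Review bot: In the new failure branch, `keymgmt->prov = prov;` has already run on the unchanged context line just above the check, so `EVP_KEYMGMT_free(keymgmt)` is called on an object that holds a provider pointer for which no reference was taken. If the free routine releases `keymgmt->prov`, this path drops a reference that was never acquired, which is the same kind of reference-count inconsistency the commit message sets out to remove. Consider moving the assignment below the successful up-ref, or setting `keymgmt->prov = NULL` before calling `EVP_KEYMGMT_free()`. It would also help to say in the commit message or a comment which of the "other similar calls" this error path was modelled on, so the cleanup order can be compared against them.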