From: atishkov <a.tishkov@aladdin.ru>
Date: Fri, 21 Jul 2023 08:36:37 +0000 (+0300)
Subject: get_cert_by_subject_ex(): Check result of X509_STORE_lock()
X-Git-Tag: openssl-3.2.0-alpha1~364
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bc5d9cc8711e86d5c25b81c58dfae531536e61fc;p=thirdparty%2Fopenssl.git

get_cert_by_subject_ex(): Check result of X509_STORE_lock()

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21515)
---

diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 5d505921497..bb683a7795f 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -348,7 +348,8 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
          *       sorted and sorting the would result in O(n^2 log n) complexity.
          */
         if (k > 0) {
-            X509_STORE_lock(xl->store_ctx);
+            if (!X509_STORE_lock(xl->store_ctx))
+                goto finish;
             j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp);
             tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j);
             X509_STORE_unlock(xl->store_ctx);
@@ -420,9 +421,10 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
  finish:
     /* If we changed anything, resort the objects for faster lookup */
     if (!sk_X509_OBJECT_is_sorted(xl->store_ctx->objs)) {
-        X509_STORE_lock(xl->store_ctx);
-        sk_X509_OBJECT_sort(xl->store_ctx->objs);
-        X509_STORE_unlock(xl->store_ctx);
+        if (X509_STORE_lock(xl->store_ctx)) {
+            sk_X509_OBJECT_sort(xl->store_ctx->objs);
+            X509_STORE_unlock(xl->store_ctx);
+        }
     }
 
     BUF_MEM_free(b);