From: Neil Horman <nhorman@openssl.org>
Date: Sun, 10 Aug 2025 21:55:15 +0000 (-0400)
Subject: Fix missing unlock in decoder_pkey.c
X-Git-Tag: openssl-3.6.0-alpha1~181
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c0527256d2e6a148931e1d8b9b0ff4af7564caae;p=thirdparty%2Fopenssl.git

Fix missing unlock in decoder_pkey.c

We hit an assertion failure during a call to CRYPTO_THREAD_read_lock
during memfail testing.

This was caused by us attempting to take a read lock in the same thread
that already held the same lock for writing resulting in an EBUSY
return.

This occured because we triggered a memory failure path in
DECODER_new_for_pkey, which never unlocked a write lock we were holding.

Fix it by ensuring the lock is released in the error path.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28216)
---

diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c
index 9fc4e231233..5f08536bff1 100644
--- a/crypto/encode_decode/decoder_pkey.c
+++ b/crypto/encode_decode/decoder_pkey.c
@@ -928,6 +928,7 @@ OSSL_DECODER_CTX_new_for_pkey(EVP_PKEY **pkey,
             (void)lh_DECODER_CACHE_ENTRY_insert(cache->hashtable, newcache);
             if (lh_DECODER_CACHE_ENTRY_error(cache->hashtable)) {
                 ctx = NULL;
+                CRYPTO_THREAD_unlock(cache->lock);
                 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_CRYPTO_LIB);
                 goto err;
             }