From: Shane Lontis <shane.lontis@oracle.com>
Date: Tue, 11 Aug 2020 06:28:00 +0000 (+1000)
Subject: Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
X-Git-Tag: openssl-3.0.0-alpha7~503
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fdf6118b1552bc723aeba726174b14ca07b5170a;p=thirdparty%2Fopenssl.git

Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
---

diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index 1f1aab2c301..7e2de96e839 100644
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -832,12 +832,12 @@ static void rsa_freectx(void *vprsactx)
     if (prsactx == NULL)
         return;
 
-    RSA_free(prsactx->rsa);
     EVP_MD_CTX_free(prsactx->mdctx);
     EVP_MD_free(prsactx->md);
     EVP_MD_free(prsactx->mgf1_md);
     OPENSSL_free(prsactx->propq);
     free_tbuf(prsactx);
+    RSA_free(prsactx->rsa);
 
     OPENSSL_clear_free(prsactx, sizeof(*prsactx));
 }