From a9745427cd5d44a76b31690b4a2c6bef2ee677c4 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 31 Mar 2023 10:35:32 +0100 Subject: [PATCH] Don't call OPENSSL_init_crypto from inside a RUN_ONCE Calling OPENSSL_init_crypto from inside a RUN_ONCE seems like a bad idea. This is especially bad if OPENSSL_init_crypto can recursively end up attempting to call the RUN_ONCE that we're already inside. The initialisation in OPENSSL_init_crypto is already "run once" protected. There is no need to protect it "twice". Fixes #20653 Reviewed-by: Paul Dale Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/20662) --- crypto/objects/obj_dat.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index e8377e9fc30..5b838938594 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -65,9 +65,6 @@ static ossl_inline void objs_free_locks(void) DEFINE_RUN_ONCE_STATIC(obj_lock_initialise) { - /* Make sure we've loaded config before checking for any "added" objects */ - OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL); - ossl_obj_lock = CRYPTO_THREAD_lock_new(); if (ossl_obj_lock == NULL) return 0; @@ -84,6 +81,8 @@ DEFINE_RUN_ONCE_STATIC(obj_lock_initialise) static ossl_inline int ossl_init_added_lock(void) { + /* Make sure we've loaded config before checking for any "added" objects */ + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL); return RUN_ONCE(&ossl_obj_lock_init, obj_lock_initialise); } -- 2.47.2