From d3463971bcd6a0abb4e925102cba30c8783c4f40 Mon Sep 17 00:00:00 2001
From: bleeqer <bleeqtheproducer@gmail.com>
Date: Sun, 5 Oct 2025 13:21:12 +0900
Subject: [PATCH] CRYPTO_secure_used(), CRYPTO_secure_actual_size(): Check for
 NULL rwlock

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28749)
---
 crypto/mem_sec.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
index 5eb105de5f3..b9eb541bf26 100644
--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@@ -263,6 +263,8 @@ size_t CRYPTO_secure_used(void)
     size_t ret = 0;
 
 #ifndef OPENSSL_NO_SECURE_MEMORY
+    if (!secure_mem_initialized)
+        return 0;
     if (!CRYPTO_THREAD_read_lock(sec_malloc_lock))
         return 0;
 
@@ -278,6 +280,8 @@ size_t CRYPTO_secure_actual_size(void *ptr)
 #ifndef OPENSSL_NO_SECURE_MEMORY
     size_t actual_size;
 
+    if (!secure_mem_initialized)
+        return 0;
     if (!CRYPTO_THREAD_read_lock(sec_malloc_lock))
         return 0;
     actual_size = sh_actual_size(ptr);
-- 
2.47.3