From: Pauli <pauli@openssl.org>
Date: Fri, 28 May 2021 00:25:55 +0000 (+1000)
Subject: fips: set the library context and handle later
X-Git-Tag: openssl-3.0.0-beta1~305
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=43dbe3b72de0ba4ebd20e9e6a2c526ef747326ab;p=thirdparty%2Fopenssl.git

fips: set the library context and handle later

They need to be set once the provider will definitely be loading.  If they
are set earlier, a double free results on a failure.

Fixes #15452

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15492)
---

diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 580eea574f0..4155b641974 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -663,8 +663,6 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle,
         OSSL_LIB_CTX_free(libctx);
         goto err;
     }
-    ossl_prov_ctx_set0_libctx(*provctx, libctx);
-    ossl_prov_ctx_set0_handle(*provctx, handle);
 
     if ((fgbl = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_FIPS_PROV_INDEX,
                                       &fips_prov_ossl_ctx_method)) == NULL)
@@ -707,6 +705,9 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle,
         goto err;
     }
 
+    ossl_prov_ctx_set0_libctx(*provctx, libctx);
+    ossl_prov_ctx_set0_handle(*provctx, handle);
+
     *out = fips_dispatch_table;
     return 1;
  err: