git.ipfire.org Git - thirdparty/openssl.git/commit

author	007bsd <22483432+007bsd@users.noreply.github.com>
	Mon, 4 May 2026 17:07:29 +0000 (20:07 +0300)
committer	Norbert Pocs <norbertp@openssl.org>
	Thu, 14 May 2026 09:31:27 +0000 (11:31 +0200)
commit	012cc567d00ab6e899cf3dc7c2845ec4cd68c1ff
tree	7005bd2d62f22a7c11678520480a8a3ef27ff4c4	tree \| snapshot
parent	1a1f5687989fbdea5be55132df09fab7145dd072	commit \| diff

Fix function pointer type mismatch when freeing ECX keys

ossl_ecx_key_free is declared as void(ECX_KEY *) but registered
directly in the X25519/X448/Ed25519/Ed448 keymgmt OSSL_DISPATCH
tables for OSSL_FUNC_KEYMGMT_FREE, which is invoked through a
void(*)(void *) pointer in evp_keymgmt_freedata. Calling a function
through a pointer to an incompatible function type is undefined
behavior and is reported by UndefinedBehaviorSanitizer on every
ECX key free:

    crypto/evp/keymgmt_meth.c:392:5: runtime error: call to function
      ossl_ecx_key_free through pointer to incorrect function type
      'void (*)(void *)'
    crypto/ec/ecx_key.c:65: note: ossl_ecx_key_free defined here

All four algorithms share the same MAKE_KEYMGMT_FUNCTIONS dispatch
macro, so they hit the same UB; UBSan just deduplicates the report
on the first call.

Mirror the wrapper pattern used by ml_kem_free_key, ml_dsa_free_key,
slh_dsa_free_key, dsa_freedata, ec_freedata, and lms_free_key: add
a small static ecx_free_key with the correct OSSL_FUNC_keymgmt_free_fn
signature that forwards to ossl_ecx_key_free, and register the
wrapper in the dispatch macro. The existing direct callers of
ossl_ecx_key_free in ecx_kmgmt.c are unchanged since they pass a
typed ECX_KEY *.

CLA: trivial

Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
MergeDate: Thu May 14 09:31:58 2026
(Merged from https://github.com/openssl/openssl/pull/31078)