Don't leak the OSSL_LIB_CTX in the event of a failure to load the FIPS module

Ensure we free the OSSL_LIB_CTX on the error path.

Fixes #16163

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16168)

diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 4155b6419748b6bf0ba086f8fc095e6a3f7f8e5b..b69299e04665b98accf83ff2d9167b2df093dc20 100644 (file)
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -712,6 +712,7 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle,
     return 1;
  err:
     fips_teardown(*provctx);
+    OSSL_LIB_CTX_free(libctx);
     *provctx = NULL;
     return 0;
 }