From: Matt Caswell Date: Wed, 11 Jun 2025 08:50:16 +0000 (+0100) Subject: Allow our *_gen_cleanup functions to tolerate a NULL ctx X-Git-Tag: openssl-3.2.5~11 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=d5b5c328fd35242df4647ec346b9397646da83fa;p=thirdparty%2Fopenssl.git Allow our *_gen_cleanup functions to tolerate a NULL ctx Our *_gen_cleanup functions are essentially "free" functions. Our free functions tolerate NULL being passed. We are being inconsistent with our *_gen_cleanup functions. Some of them tolerate NULL and others do not. We should consistently tolerate NULL. See also #27795 Reviewed-by: Tomas Mraz Reviewed-by: Tim Hudson Reviewed-by: Paul Dale Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/27813) (cherry picked from commit 743bae4a225b9df1d11446e5f0620270b10c835a) --- diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c index e0e74fcc76d..793f53316c5 100644 --- a/providers/implementations/keymgmt/ecx_kmgmt.c +++ b/providers/implementations/keymgmt/ecx_kmgmt.c @@ -721,6 +721,9 @@ static void ecx_gen_cleanup(void *genctx) { struct ecx_gen_ctx *gctx = genctx; + if (gctx == NULL) + return; + OPENSSL_clear_free(gctx->dhkem_ikm, gctx->dhkem_ikmlen); OPENSSL_free(gctx->propq); OPENSSL_free(gctx); diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c index 161a433caf5..a83017e3aeb 100644 --- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c @@ -519,6 +519,9 @@ static void mac_gen_cleanup(void *genctx) { struct mac_gen_ctx *gctx = genctx; + if (gctx == NULL) + return; + OPENSSL_secure_clear_free(gctx->priv_key, gctx->priv_key_len); ossl_prov_cipher_reset(&gctx->cipher); OPENSSL_free(gctx);