diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-12-16 16:24:44 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-12-17 17:33:49 +0100 |
commit | 33df7cbe5e38feb0cf962386bcac061c3743ecf2 (patch) | |
tree | c88c65081b3eb620ca3cf72ed683cdeb1381599b /crypto/provider_core.c | |
parent | c81eed84e4e9025e933778f5e8326b1e4435e094 (diff) | |
download | openssl-new-33df7cbe5e38feb0cf962386bcac061c3743ecf2.tar.gz |
ossl_provider_add_to_store: Avoid use-after-free
Avoid freeing a provider that was not up-ref-ed before.
Fixes #17292
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17295)
Diffstat (limited to 'crypto/provider_core.c')
-rw-r--r-- | crypto/provider_core.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/crypto/provider_core.c b/crypto/provider_core.c index 1d5787a648..e04734c12e 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -602,6 +602,9 @@ int ossl_provider_add_to_store(OSSL_PROVIDER *prov, OSSL_PROVIDER **actualprov, OSSL_PROVIDER tmpl = { 0, }; OSSL_PROVIDER *actualtmp = NULL; + if (actualprov != NULL) + *actualprov = NULL; + if ((store = get_provider_store(prov->libctx)) == NULL) return 0; @@ -658,7 +661,7 @@ int ossl_provider_add_to_store(OSSL_PROVIDER *prov, OSSL_PROVIDER **actualprov, err: CRYPTO_THREAD_unlock(store->lock); if (actualprov != NULL) - ossl_provider_free(actualtmp); + ossl_provider_free(*actualprov); return 0; } |