set_trace_data(): prevent double free on OPENSSL_strdup() failure

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19959)

1 files changed, 9 insertions, 5 deletions

diff --git a/crypto/trace.c b/crypto/trace.c
index 74dbd525a5..3bf9ff62f7 100644
--- a/crypto/trace.c
+++ b/crypto/trace.c
@@ -288,11 +288,6 @@ static int set_trace_data(int category, int type, BIO **channel,
     }
 
     /* Before running callbacks are done, set new data where appropriate */
-    if (channel != NULL && *channel != NULL) {
-        trace_channels[category].type = type;
-        trace_channels[category].bio = *channel;
-    }
-
     if (prefix != NULL && *prefix != NULL) {
         if ((curr_prefix = OPENSSL_strdup(*prefix)) == NULL)
             return 0;
@@ -305,6 +300,15 @@ static int set_trace_data(int category, int type, BIO **channel,
         trace_channels[category].suffix = curr_suffix;
     }
 
+    if (channel != NULL && *channel != NULL) {
+        trace_channels[category].type = type;
+        trace_channels[category].bio = *channel;
+        /*
+         * This must not be done before setting prefix/suffix,
+         * as those may fail, and then the caller is mislead to free *channel.
+         */
+    }
+
     /* Finally, run the attach callback on the new data */
     if (channel != NULL && *channel != NULL) {
         attach_cb(category, CHANNEL, *channel);