[openssl] master update
Richard Levitte
levitte at openssl.org
Fri May 8 13:16:00 UTC 2020
The branch master has been updated
via c7fa92979c5964966efa298bf2a40ff451ee7482 (commit)
from 73d6b4efe6835a6c97ce61df6bf339b0903e5b7a (commit)
- Log -----------------------------------------------------------------
commit c7fa92979c5964966efa298bf2a40ff451ee7482
Author: Richard Levitte <levitte at openssl.org>
Date: Wed May 6 20:48:25 2020 +0200
EVP: when setting the operation to EVP_PKEY_OP_UNDEFINED, clean up!
There were a few instances where we set the EVP_PKEY_CTX operation to
EVP_PKEY_OP_UNDEFINED, but forgot to clean up first. After the
operation is made undefined, there's no way to know what should be
cleaned away, so that must be done first, in all spots.
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11750)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/exchange.c | 1 +
crypto/evp/pmeth_fn.c | 9 ++++-----
crypto/evp/pmeth_gn.c | 4 +++-
crypto/evp/signature.c | 1 +
4 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index 6423fd9eff..26d7e1ce95 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -264,6 +264,7 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
return ret ? 1 : 0;
err:
+ evp_pkey_ctx_free_old_ops(ctx);
ctx->operation = EVP_PKEY_OP_UNDEFINED;
return 0;
diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c
index 4d8d3e91b1..8bc59c40b9 100644
--- a/crypto/evp/pmeth_fn.c
+++ b/crypto/evp/pmeth_fn.c
@@ -126,11 +126,8 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation)
goto err;
}
- if (ret <= 0) {
- cipher->freectx(ctx->op.ciph.ciphprovctx);
- ctx->op.ciph.ciphprovctx = NULL;
+ if (ret <= 0)
goto err;
- }
return 1;
legacy:
@@ -162,8 +159,10 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation)
}
err:
- if (ret <= 0)
+ if (ret <= 0) {
+ evp_pkey_ctx_free_old_ops(ctx);
ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ }
return ret;
}
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
index a775d2bee7..fb861d2487 100644
--- a/crypto/evp/pmeth_gn.c
+++ b/crypto/evp/pmeth_gn.c
@@ -93,8 +93,10 @@ static int gen_init(EVP_PKEY_CTX *ctx, int operation)
#endif
end:
- if (ret <= 0 && ctx != NULL)
+ if (ret <= 0 && ctx != NULL) {
+ evp_pkey_ctx_free_old_ops(ctx);
ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ }
return ret;
not_supported:
diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index d845ac12db..b7a7f79606 100644
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -503,6 +503,7 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation)
return ret;
err:
+ evp_pkey_ctx_free_old_ops(ctx);
ctx->operation = EVP_PKEY_OP_UNDEFINED;
return ret;
}
More information about the openssl-commits
mailing list