[openssl] master update

Dr. Paul Dale pauli at openssl.org
Thu Feb 4 04:35:52 UTC 2021


The branch master has been updated
       via  8549b97214ce1b4ba61eae893c80d9b0ed7e35f0 (commit)
      from  9db6af922c48c5cab5398ef9f37e425e382f9440 (commit)


- Log -----------------------------------------------------------------
commit 8549b97214ce1b4ba61eae893c80d9b0ed7e35f0
Author: Pauli <ppzgs1 at gmail.com>
Date:   Wed Feb 3 17:47:38 2021 +1000

    Fix a use after free issue when a provider context is being used and isn't cached
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14053)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/digest.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 46f4d201d9..e89b591978 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -25,12 +25,8 @@
 
 void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force)
 {
-    EVP_MD_free(ctx->fetched_digest);
-    ctx->fetched_digest = NULL;
-    ctx->reqdigest = NULL;
-
     if (ctx->provctx != NULL) {
-        if (ctx->digest->freectx != NULL)
+        if (ctx->digest != NULL && ctx->digest->freectx != NULL)
             ctx->digest->freectx(ctx->provctx);
         ctx->provctx = NULL;
         EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
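Review bot: With the added `ctx->digest != NULL` test, a context that has a non-NULL `provctx` but a NULL `digest` now reaches `ctx->provctx = NULL;` without `freectx` being called, so the provider-side context is dropped without being released. If that combination is never supposed to occur, the guard deserves a comment saying so, for example `/* provctx is only set together with digest; the NULL test is purely defensive */`. If it can occur, the leak should be made visible (a debug assertion or an error path) rather than silently ignored. The body of evp_md_ctx_clear_digest continues past the end of this hunk, so any handling further down is not visible here.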
@@ -55,6 +51,11 @@ void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force)
     ENGINE_finish(ctx->engine);
     ctx->engine = NULL;
 #endif
+
+    /* Non legacy code, this has to be later than the ctx->digest cleaning */
+    EVP_MD_free(ctx->fetched_digest);
+    ctx->fetched_digest = NULL;
+    ctx->reqdigest = NULL;
 }
 
 /* This call frees resources associated with the context */
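Review bot: The new comment above `EVP_MD_free(ctx->fetched_digest)` says the free has to come after the `ctx->digest` cleaning but not why, and the reason is what stops the use after free from being reintroduced by a later reorder. Assuming `ctx->digest` can refer to the same EVP_MD as `ctx->fetched_digest`, which the reordering implies, I would spell it out: `/* ctx->digest may alias ctx->fetched_digest: release the fetched reference only after the last ctx->digest use above */`. Nothing in the visible lines clears `ctx->digest` after the free, so unless the lines between the two hunks or the callers reset it, the pointer is left referring to an EVP_MD whose reference was just released. Adding `ctx->digest = NULL;` after the free would close that, provided no caller depends on the old value.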

