[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Thu Mar 25 22:42:15 UTC 2021
The branch master has been updated
via 8f4cddbc903a402abb9f39c2e220ee3858188655 (commit)
via 9aa4be691f5c73eb3c68606d824c104550c053f7 (commit)
via 96a68f21c305d33f89e1e0bc9c45b6afb0de7654 (commit)
from 4f0831b837e97504d4cfbfecfca069c527be4a2b (commit)
- Log -----------------------------------------------------------------
commit 8f4cddbc903a402abb9f39c2e220ee3858188655
Author: Pauli <ppzgs1 at gmail.com>
Date: Tue Mar 23 10:59:34 2021 +1000
rand: fix coverity 1473636: data race condition
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14651)
commit 9aa4be691f5c73eb3c68606d824c104550c053f7
Author: Pauli <ppzgs1 at gmail.com>
Date: Tue Mar 23 10:35:13 2021 +1000
x509: fix coverity 1474424: data race condition
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14651)
commit 96a68f21c305d33f89e1e0bc9c45b6afb0de7654
Author: Pauli <ppzgs1 at gmail.com>
Date: Tue Mar 23 10:33:15 2021 +1000
x509: fix coverity 1461225: data race condition
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14651)
-----------------------------------------------------------------------
Summary of changes:
crypto/rand/rand_lib.c | 13 +++++++++----
crypto/x509/pcy_map.c | 4 +++-
crypto/x509/v3_purp.c | 5 ++++-
3 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 318540cff0..f6c5bc15ee 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -158,7 +158,8 @@ int RAND_poll(void)
}
# ifndef OPENSSL_NO_DEPRECATED_3_0
-int RAND_set_rand_method(const RAND_METHOD *meth)
+static int rand_set_rand_method_internal(const RAND_METHOD *meth,
+ ossl_unused ENGINE *e)
{
if (!RUN_ONCE(&rand_init, do_rand_init))
return 0;
@@ -167,13 +168,18 @@ int RAND_set_rand_method(const RAND_METHOD *meth)
return 0;
# ifndef OPENSSL_NO_ENGINE
ENGINE_finish(funct_ref);
- funct_ref = NULL;
+ funct_ref = e;
# endif
default_RAND_meth = meth;
CRYPTO_THREAD_unlock(rand_meth_lock);
return 1;
}
+int RAND_set_rand_method(const RAND_METHOD *meth)
+{
+ return rand_set_rand_method_internal(meth, NULL);
+}
+
const RAND_METHOD *RAND_get_rand_method(void)
{
const RAND_METHOD *tmp_meth = NULL;
@@ -228,8 +234,7 @@ int RAND_set_rand_engine(ENGINE *engine)
}
/* This function releases any prior ENGINE so call it first */
- RAND_set_rand_method(tmp_meth);
- funct_ref = engine;
+ rand_set_rand_method_internal(tmp_meth, engine);
CRYPTO_THREAD_unlock(rand_engine_lock);
return 1;
}
diff --git a/crypto/x509/pcy_map.c b/crypto/x509/pcy_map.c
index b599ff9804..d129eca4c3 100644
--- a/crypto/x509/pcy_map.c
+++ b/crypto/x509/pcy_map.c
@@ -73,8 +73,10 @@ int ossl_policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
ret = 1;
bad_mapping:
- if (ret == -1)
+ if (ret == -1 && CRYPTO_THREAD_write_lock(x->lock)) {
x->ex_flags |= EXFLAG_INVALID_POLICY;
+ CRYPTO_THREAD_unlock(x->lock);
+ }
sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
return ret;
diff --git a/crypto/x509/v3_purp.c b/crypto/x509/v3_purp.c
index b98fc584ff..5b13fd7445 100644
--- a/crypto/x509/v3_purp.c
+++ b/crypto/x509/v3_purp.c
@@ -681,7 +681,10 @@ static int check_ca(const X509 *x)
void X509_set_proxy_flag(X509 *x)
{
- x->ex_flags |= EXFLAG_PROXY;
+ if (CRYPTO_THREAD_write_lock(x->lock)) {
+ x->ex_flags |= EXFLAG_PROXY;
+ CRYPTO_THREAD_unlock(x->lock);
+ }
}
void X509_set_proxy_pathlen(X509 *x, long l)
More information about the openssl-commits
mailing list