[openssl] master update

Dr. Paul Dale pauli at openssl.org
Thu Mar 25 22:42:15 UTC 2021


The branch master has been updated
       via  8f4cddbc903a402abb9f39c2e220ee3858188655 (commit)
       via  9aa4be691f5c73eb3c68606d824c104550c053f7 (commit)
       via  96a68f21c305d33f89e1e0bc9c45b6afb0de7654 (commit)
      from  4f0831b837e97504d4cfbfecfca069c527be4a2b (commit)


- Log -----------------------------------------------------------------
commit 8f4cddbc903a402abb9f39c2e220ee3858188655
Author: Pauli <ppzgs1 at gmail.com>
Date:   Tue Mar 23 10:59:34 2021 +1000

    rand: fix coverity 1473636: data race condition
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14651)

commit 9aa4be691f5c73eb3c68606d824c104550c053f7
Author: Pauli <ppzgs1 at gmail.com>
Date:   Tue Mar 23 10:35:13 2021 +1000

    x509: fix coverity 1474424: data race condition
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14651)

commit 96a68f21c305d33f89e1e0bc9c45b6afb0de7654
Author: Pauli <ppzgs1 at gmail.com>
Date:   Tue Mar 23 10:33:15 2021 +1000

    x509: fix coverity 1461225: data race condition
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14651)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rand/rand_lib.c | 13 +++++++++----
 crypto/x509/pcy_map.c  |  4 +++-
 crypto/x509/v3_purp.c  |  5 ++++-
 3 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 318540cff0..f6c5bc15ee 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -158,7 +158,8 @@ int RAND_poll(void)
 }
 
 # ifndef OPENSSL_NO_DEPRECATED_3_0
-int RAND_set_rand_method(const RAND_METHOD *meth)
+static int rand_set_rand_method_internal(const RAND_METHOD *meth,
+                                         ossl_unused ENGINE *e)
 {
     if (!RUN_ONCE(&rand_init, do_rand_init))
         return 0;
@@ -167,13 +168,18 @@ int RAND_set_rand_method(const RAND_METHOD *meth)
         return 0;
 #  ifndef OPENSSL_NO_ENGINE
     ENGINE_finish(funct_ref);
-    funct_ref = NULL;
+    funct_ref = e;
 #  endif
     default_RAND_meth = meth;
     CRYPTO_THREAD_unlock(rand_meth_lock);
     return 1;
 }
 
+int RAND_set_rand_method(const RAND_METHOD *meth)
+{
+    return rand_set_rand_method_internal(meth, NULL);
+}
+
 const RAND_METHOD *RAND_get_rand_method(void)
 {
     const RAND_METHOD *tmp_meth = NULL;
@@ -228,8 +234,7 @@ int RAND_set_rand_engine(ENGINE *engine)
     }
 
     /* This function releases any prior ENGINE so call it first */
-    RAND_set_rand_method(tmp_meth);
-    funct_ref = engine;
+    rand_set_rand_method_internal(tmp_meth, engine);
     CRYPTO_THREAD_unlock(rand_engine_lock);
     return 1;
 }
diff --git a/crypto/x509/pcy_map.c b/crypto/x509/pcy_map.c
index b599ff9804..d129eca4c3 100644
--- a/crypto/x509/pcy_map.c
+++ b/crypto/x509/pcy_map.c
@@ -73,8 +73,10 @@ int ossl_policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
 
     ret = 1;
  bad_mapping:
-    if (ret == -1)
+    if (ret == -1 && CRYPTO_THREAD_write_lock(x->lock)) {
         x->ex_flags |= EXFLAG_INVALID_POLICY;
+        CRYPTO_THREAD_unlock(x->lock);
+    }
     sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
     return ret;
 
diff --git a/crypto/x509/v3_purp.c b/crypto/x509/v3_purp.c
index b98fc584ff..5b13fd7445 100644
--- a/crypto/x509/v3_purp.c
+++ b/crypto/x509/v3_purp.c
@@ -681,7 +681,10 @@ static int check_ca(const X509 *x)
 
 void X509_set_proxy_flag(X509 *x)
 {
-    x->ex_flags |= EXFLAG_PROXY;
+    if (CRYPTO_THREAD_write_lock(x->lock)) {
+        x->ex_flags |= EXFLAG_PROXY;
+        CRYPTO_THREAD_unlock(x->lock);
+    }
 }
 
 void X509_set_proxy_pathlen(X509 *x, long l)


More information about the openssl-commits mailing list