[openssl] master update

beldmit at gmail.com beldmit at gmail.com
Sat May 1 16:24:51 UTC 2021 

The branch master has been updated
       via  045a893091994a5837a2bec9cc5646ae9ff07a2c (commit)
      from  dd28d1c4d305574e5feacb0f3fee21192b9ccf2f (commit)


- Log -----------------------------------------------------------------
commit 045a893091994a5837a2bec9cc5646ae9ff07a2c
Author: FdaSilvaYY <fdasilvayy at gmail.com>
Date:   Tue Apr 27 22:50:18 2021 +0200

    ssl:  fix possible ref counting fields use before init.
    
    `strdup(propq)` failure is doing a `goto err;` from where `SSL_CTX_free` is called.
    The possible call is made before reference and lock fields setup.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/15052)

-----------------------------------------------------------------------

Summary of changes:
 ssl/ssl_lib.c | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3d0f309fd2..27a5ec4581 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3181,6 +3181,15 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq,
     if (ret == NULL)
         goto err;
 
+    /* Init the reference counting before any call to SSL_CTX_free */
+    ret->references = 1;
+    ret->lock = CRYPTO_THREAD_lock_new();
+    if (ret->lock == NULL) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
+        OPENSSL_free(ret);
+        return NULL;
+    }
+
     ret->libctx = libctx;
     if (propq != NULL) {
         ret->propq = OPENSSL_strdup(propq);
@@ -3196,13 +3205,6 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq,
     ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
     /* We take the system default. */
     ret->session_timeout = meth->get_timeout();
-    ret->references = 1;
-    ret->lock = CRYPTO_THREAD_lock_new();
-    if (ret->lock == NULL) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
-        OPENSSL_free(ret);
-        return NULL;
-    }
     ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
     ret->verify_mode = SSL_VERIFY_NONE;
     if ((ret->cert = ssl_cert_new()) == NULL)

More information about the openssl-commits mailing list