3.0.3 - EVP_EC_gen() segfault without init

Tomas Mraz tomas at openssl.org
Thu May 5 06:13:19 UTC 2022


Fix is here:
https://github.com/openssl/openssl/pull/18247

On Thu, 2022-05-05 at 07:54 +0200, Tomas Mraz wrote:
> Yes, this is unfortunately a bug in 3.0.3 release. Calling
> OPENSSL_init_crypto should not be necessary.
> 
> Tomas Mraz
> 
> On Wed, 2022-05-04 at 21:58 +0200, Klaus Keppler wrote:
> > Hello,
> > 
> > yesterday we updated OpenSSL from 3.0.2 to 3.0.3, which made some of
> > our unit tests crash.
> > 
> > I've boiled the problem down to the following example code:
> > 
> > ---cut---
> > #include <openssl/crypto.h>
> > #include <openssl/ec.h>
> > #include <openssl/evp.h>
> > 
> > int main(int argc, const char *argv[]) {
> >      //OPENSSL_init_crypto(0, NULL);
> >      if (! EVP_EC_gen("P-384")) return -1;
> >      return 0;
> > }
> > ---/cut---
> > 
> > Compile with:
> > 
> >    gcc -Wall -Werror -pedantic -o test test.c -lcrypto
> > 
> > With OpenSSL 3.0.2 this runs just fine, with OpenSSL 3.0.3 we get a
> > segmentation fault during a string comparison within EVP_PKEY_Q_keygen
> > (EVP_EC_gen is just a macro).
> > 
> > I assume that the curve names are not properly initialized; when you
> > uncomment the call to "OPENSSL_init_crypto()", everything works just
> > fine.
> > 
> > The documentation [1] of OPENSSL_init_crypto() states that explicit
> > initialization is not required. The man page of EVP_EC_gen [2] says
> > nothing about initialization.
> > Considering that 3.0.3 is only a minor update and 3.0.2 worked as
> > expected, we might have hit a bug. If this (above) is "just" a usage
> > error, the documentation should describe in which cases an explicit
> > initialization is required.
> > 
> > Anyway, thank you for all your efforts!
> > 
> > Best regards
> > 
> >     -Klaus Keppler
> > 
> > 
> > [1] https://www.openssl.org/docs/man3.0/man3/OPENSSL_init_crypto.html
> > [2] https://www.openssl.org/docs/man3.0/man3/EVP_EC_gen.html
> 

-- 
Tomáš Mráz, OpenSSL



