root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fix fips cleanup of master key 

With the conversion to a fixed array, we can no longer just clean the
top level sparse array, as we don't enjoy the NULL check within the
sa_doall loop.

Add a NULL check in the fips cleanup routine to make up for this

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27794)
This commit is contained in:
Neil Horman 2025-06-17 13:32:44 -04:00
parent 24f0715e00
commit 32559a6035
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/threads_common.c
View File

@ -403,7 +403,8 @@ void CRYPTO_THREAD_clean_local_for_fips(void)
return;
mkey = CRYPTO_THREAD_get_local(&master_key);
clean_master_key(mkey);
if (mkey != NULL)
clean_master_key(mkey);
CRYPTO_THREAD_cleanup_local(&master_key);
}
#endif