root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

evp: address a use after free state when using HMAC and MD copy. 

Fixes #17261

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17263)
This commit is contained in:
Pauli 2021-12-13 12:16:18 +11:00
parent dd2fcc1f7c
commit ad2fcee163
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/evp/digest.c
View File

@ -521,7 +521,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
if (out->fetched_digest != NULL) if (out->fetched_digest != NULL)
EVP_MD_free(out->fetched_digest); EVP_MD_free(out->fetched_digest);
*out = *in; *out = *in;
return 1; goto clone_pkey;
} }
if (in->digest->prov == NULL if (in->digest->prov == NULL
@ -552,6 +552,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
} }
} }
clone_pkey:
/* copied EVP_MD_CTX should free the copied EVP_PKEY_CTX */ /* copied EVP_MD_CTX should free the copied EVP_PKEY_CTX */
EVP_MD_CTX_clear_flags(out, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX); EVP_MD_CTX_clear_flags(out, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
#ifndef FIPS_MODULE #ifndef FIPS_MODULE