Fix memory leak cause by race condition when creating public keys.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.

diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index d42b6a2c54cbac464edac9f8888b18d2520a38fb..627ec87f9f895502e63a8ee19b38d72d8be90013 100644 (file)
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -171,7 +171,16 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
                goto error;
                }
 
-       key->pkey = ret;
+       /* Check to see if another thread set key->pkey first */
+       CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
+       if (key->pkey)
+               {
+               EVP_PKEY_free(ret);
+               ret = key->pkey;
+               }
+       else
+               key->pkey = ret;
+       CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
        CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
 
        return ret;