Don't leave stale errors on queue if DSO_dsobyaddr() fails
author Matt Caswell <matt@openssl.org>
Thu, 4 May 2017 11:51:18 +0000 (12:51 +0100)
committer Matt Caswell <matt@openssl.org>
Thu, 4 May 2017 14:55:34 +0000 (15:55 +0100)
The init code uses DSO_dsobyaddr() to leak a reference to ourselves to
ensure we remain loaded until atexit() time. In some circumstances that
can fail and leave stale errors on the error queue.

Fixes #3372

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3383)
(cherry picked from commit 689f112d9806fa4a0c2f8c108226639455bc770d)

crypto/init.c

index c730e38767fdb0261344291a2cfd6302b69f32e3..647cfb6c63b3d7b2d9437cf71468e5aedc366ceb 100644 (file)
@@ -104,13 +104,15 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_base)
 # else
     /*
      * Deliberately leak a reference to ourselves. This will force the library
-     * to remain loaded until the atexit() handler is run a process exit.
+     * to remain loaded until the atexit() handler is run at process exit.
      */
     {
         DSO *dso = NULL;
 
+        ERR_set_mark();
         dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE);
         DSO_free(dso);
+        ERR_pop_to_mark();
     }
 # endif
 #endif
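
Review bot: the ERR_set_mark()/ERR_pop_to_mark() pair added around DSO_dsobyaddr(&base_inited, ...) runs inside DEFINE_RUN_ONCE_STATIC(ossl_init_base), so the error-queue calls execute during base initialisation. Please confirm the per-thread error state can be used this early without re-entering init. The block comment should also say that a failure of DSO_dsobyaddr() is deliberately ignored and its errors discarded, because dso is never tested before DSO_free(dso) and a reader cannot tell from the code that this is intentional.
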
@@ -645,8 +647,10 @@ int OPENSSL_atexit(void (*handler)(void))
         {
             DSO *dso = NULL;
 
+            ERR_set_mark();
             dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE);
             DSO_free(dso);
+            ERR_pop_to_mark();
         }
 # endif
     }
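
Review bot: the four lines around DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE) in OPENSSL_atexit() repeat the block in ossl_init_base almost verbatim. Consider a small static helper that takes the address and does the mark, lookup, free and pop, so the bracketing lives in one place and cannot drift between the two call sites. As in the first hunk, dso is not tested in these lines, so nothing records that pinning the handler's module failed; a one-line comment stating that the failure is tolerated would make the intent explicit.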