From 773fd0bad487fe8f1cf722ca14cec2c4a2da3e21 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 11 Mar 2016 09:52:52 +0000 Subject: [PATCH] Call CONF_modules_free() before ENGINE_cleanup() in auto-deinit During auto de-init we were calling ENGINE_cleanup(), and then later CONF_modules_free(). However the latter function can end up calling engine code, which can lead to a use of the global_engine_lock after it has already been freed. Therefore we should swap the calling order of these two functions. Reviewed-by: Rich Salz --- crypto/init.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/init.c b/crypto/init.c index 1cac74193f..aac87deb4e 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -468,13 +468,13 @@ void OPENSSL_cleanup(void) fprintf(stderr, "OPENSSL_INIT: OPENSSL_INIT_library_stop: " "RAND_cleanup()\n"); -#endif -#ifndef OPENSSL_NO_ENGINE - ENGINE_cleanup(); #endif CRYPTO_cleanup_all_ex_data(); EVP_cleanup(); CONF_modules_free(); +#ifndef OPENSSL_NO_ENGINE + ENGINE_cleanup(); +#endif RAND_cleanup(); base_inited = 0; } -- 2.25.1