From fb1ecf85c9f732e5827771ff243d7a70e06ce112 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 29 Oct 2019 22:17:19 +0100 Subject: [PATCH] evp_pkey_ctx_free_old_ops(): Make sure to assign NULL to freed pointers Otherwise, should this function be called more than once on the same EVP_PKEY_CTX, we get double free issues. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10292) --- crypto/evp/pmeth_lib.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 1186e5ba3a..350d963086 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -201,10 +201,14 @@ void evp_pkey_ctx_free_old_ops(EVP_PKEY_CTX *ctx) if (ctx->op.kex.exchprovctx != NULL && ctx->op.kex.exchange != NULL) ctx->op.kex.exchange->freectx(ctx->op.kex.exchprovctx); EVP_KEYEXCH_free(ctx->op.kex.exchange); + ctx->op.kex.exchprovctx = NULL; + ctx->op.kex.exchange = NULL; } else if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) { if (ctx->op.sig.sigprovctx != NULL && ctx->op.sig.signature != NULL) ctx->op.sig.signature->freectx(ctx->op.sig.sigprovctx); EVP_SIGNATURE_free(ctx->op.sig.signature); + ctx->op.sig.sigprovctx = NULL; + ctx->op.sig.signature = NULL; } } -- 2.25.1