From: Matt Caswell Date: Thu, 10 Dec 2020 14:44:25 +0000 (+0000) Subject: Fix a crash with multi-threaded applications using the FIPS module X-Git-Tag: openssl-3.0.0-alpha11~101 X-Git-Url: https://git.openssl.org/?a=commitdiff_plain;h=f6b72c7d75658e843ea0864e2f202cdc091020f9;p=openssl.git Fix a crash with multi-threaded applications using the FIPS module The FIPS implementation of the ossl_ctx_thread_stop function needs to use an OSSL_LIB_CTX - but gets passed a provctx as an argument. It was assuming that these are the same thing (which was true at one point during development) - but that is no longer the case. The fix is to get the OSSL_LIB_CTX out of the provctx. Fixes #13469 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13660) --- diff --git a/crypto/initthread.c b/crypto/initthread.c index 8a7afbfd86..f172c53cd6 100644 --- a/crypto/initthread.c +++ b/crypto/initthread.c @@ -14,6 +14,8 @@ #include "internal/thread_once.h" #ifdef FIPS_MODULE +#include "prov/provider_ctx.h" + /* * Thread aware code may want to be told about thread stop events. We register * to hear about those thread stop events when we see a new thread has started. @@ -281,7 +283,7 @@ static const OSSL_LIB_CTX_METHOD thread_event_ossl_ctx_method = { void ossl_ctx_thread_stop(void *arg) { THREAD_EVENT_HANDLER **hands; - OSSL_LIB_CTX *ctx = arg; + OSSL_LIB_CTX *ctx = PROV_LIBCTX_OF(arg); CRYPTO_THREAD_LOCAL *local = ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_THREAD_EVENT_HANDLER_INDEX, &thread_event_ossl_ctx_method); @@ -289,7 +291,7 @@ void ossl_ctx_thread_stop(void *arg) if (local == NULL) return; hands = init_get_thread_local(local, 0, 0); - init_thread_stop(arg, hands); + init_thread_stop(ctx, hands); OPENSSL_free(hands); } #endif /* FIPS_MODULE */