PR: 2813

Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>

Fix possible deadlock when decoding public keys.

diff --git a/CHANGES b/CHANGES
index 4baace1e624d72c597c31bb9b847e80b4299ed09..7cca7f00a7ad5e221f70f25e6e00c134e9d6fc02 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -291,6 +291,9 @@
 
  Changes between 1.0.1c and 1.0.1d [xx XXX xxxx]
 
 
  Changes between 1.0.1c and 1.0.1d [xx XXX xxxx]
 

+  *) Fix possible deadlock when decoding public keys.
+     [Steve Henson]
+

   *) Don't use TLS 1.0 record version number in initial client hello
      if renegotiating.
      [Steve Henson]
   *) Don't use TLS 1.0 record version number in initial client hello
      if renegotiating.
      [Steve Henson]

diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index 627ec87f9f895502e63a8ee19b38d72d8be90013..b649e1fcf96ce322d5a1422cd5ae58b8ae1715fe 100644 (file)
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -175,12 +175,15 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
        CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
        if (key->pkey)
                {
        CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
        if (key->pkey)
                {

+               CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);

                EVP_PKEY_free(ret);
                ret = key->pkey;
                }
        else
                EVP_PKEY_free(ret);
                ret = key->pkey;
                }
        else

+               {

                key->pkey = ret;
                key->pkey = ret;

-       CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+               CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+               }

        CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
 
        return ret;
        CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
 
        return ret;