Under some circumstances, the reference count for a cipher wasn't updated
properly. This shows up best when fetches are not being queried but would be
possible if the cache flushed at a bad time.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14126)
#endif
}
+ if (cipher->prov != NULL) {
+ if (!EVP_CIPHER_up_ref((EVP_CIPHER *)cipher)) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
+ return 0;
+ }
+ EVP_CIPHER_free(ctx->fetched_cipher);
+ ctx->fetched_cipher = (EVP_CIPHER *)cipher;
+ }
ctx->cipher = cipher;
if (ctx->provctx == NULL) {
ctx->provctx = ctx->cipher->newctx(ossl_provider_ctx(cipher->prov));