When ossl_provider_query_operation() returned NULL, the post-condition
callback wasn't called, and could make algorithm_do_this() falsely
tell the caller that there was an error. Because of this, a provider
that answered with NULL for a particular operation identity would
effectively block the same query on all following providers.
Fixes #12293
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12365)
map = ossl_provider_query_operation(provider, cur_operation,
&no_store);
- if (map == NULL)
- continue;
-
- while (map->algorithm_names != NULL) {
- const OSSL_ALGORITHM *thismap = map++;
+ if (map != NULL) {
+ while (map->algorithm_names != NULL) {
+ const OSSL_ALGORITHM *thismap = map++;
- data->fn(provider, thismap, no_store, data->data);
+ data->fn(provider, thismap, no_store, data->data);
+ }
}
/* Do we fulfill post-conditions? */