Fix a leak in an error path in OSSL_DECODER_CTX_new_for_pkey()

Found via the reproducible error injection in #21668

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21723)

diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c
index d00ec75bead5dadb7e83f06420257f7bb386c9eb..acb061c26ab29ee88194c763c3af0c9119b29b6f 100644 (file)
--- a/crypto/encode_decode/decoder_pkey.c
+++ b/crypto/encode_decode/decoder_pkey.c
@@ -835,12 +835,18 @@ OSSL_DECODER_CTX_new_for_pkey(EVP_PKEY **pkey,
         newcache->template = ctx;
 
         if (!CRYPTO_THREAD_write_lock(cache->lock)) {
+            ctx = NULL;
             ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_CRYPTO_LIB);
-            return NULL;
+            goto err;
         }
         res = lh_DECODER_CACHE_ENTRY_retrieve(cache->hashtable, &cacheent);
         if (res == NULL) {
-            lh_DECODER_CACHE_ENTRY_insert(cache->hashtable, newcache);
+            (void)lh_DECODER_CACHE_ENTRY_insert(cache->hashtable, newcache);
+            if (lh_DECODER_CACHE_ENTRY_error(cache->hashtable)) {
+                ctx = NULL;
+                ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_CRYPTO_LIB);
+                goto err;
+            }
         } else {
             /*
              * We raced with another thread to construct this and lost. Free