From 4acca314105512e798b1f9100b50de7ced92d5cd Mon Sep 17 00:00:00 2001 From: jsing <> Date: Sun, 14 Apr 2019 16:43:49 +0000 Subject: Avoid potential double-frees following EVP_CIPHER_CTX_copy(). In the case of a cipher with a custom copy control, if that control fails we may still have pointers that we do not own in the previously copied cipher data. Avoid potential double-frees by zeroing and freeing the copied cipher data in this case. Issue reported by Guido Vranken. ok tb@ --- src/lib/libcrypto/evp/evp_enc.c | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c index a229901956..38605a6fe1 100644 --- a/src/lib/libcrypto/evp/evp_enc.c +++ b/src/lib/libcrypto/evp/evp_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_enc.c,v 1.40 2019/03/17 18:07:41 tb Exp $ */ +/* $OpenBSD: evp_enc.c,v 1.41 2019/04/14 16:43:49 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -674,8 +674,21 @@ EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size); } - if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) - return in->cipher->ctrl((EVP_CIPHER_CTX *)in, - EVP_CTRL_COPY, 0, out); + if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) { + if (!in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, + 0, out)) { + /* + * If the custom copy control failed, assume that there + * may still be pointers copied in the cipher_data that + * we do not own. This may result in a leak from a bad + * custom copy control, but that's preferable to a + * double free... + */ + freezero(out->cipher_data, in->cipher->ctx_size); + out->cipher_data = NULL; + return 0; + } + } + return 1; } -- cgit v1.2.3-55-g6feb
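Review bot: In the second hunk the new failure test `if (!in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out))` fires only on a return of exactly 0, so a custom ctrl that reports failure with a negative value would skip the freezero() path and fall through to `return 1`. That leaves `out->cipher_data` holding the memcpy'd pointers this commit is trying to get rid of, and it also hides the error from the caller, which the old code at least passed through. Comparing with `<= 0` covers both conventions: `if (in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out) <= 0) {`. Separately, on the failure path `out->cipher_data` is NULL while the rest of `out` has presumably already been copied from `in` above the hunk (the function body starts outside it). It is worth confirming that a later cleanup of `out` cannot call a cipher cleanup callback that dereferences `cipher_data`, or adding a comment saying what state `out` is left in.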