From ddfd7182cf2b7e69669cf4fd3471a37d09af4ea1 Mon Sep 17 00:00:00 2001
From: Shane Lontis <shane.lontis@oracle.com>
Date: Wed, 2 Dec 2020 20:54:08 +1000
Subject: [PATCH] Fix EVP_PKEY_CTX propq so that it uses a copy

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12700)
---
 crypto/evp/pmeth_lib.c | 19 ++++++++++++++++---
 include/crypto/evp.h   |  2 +-
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 903e30acf0..2c2d939538 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -312,9 +312,14 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx,
         EVP_KEYMGMT_free(keymgmt);
         return NULL;
     }
-
+    if (propquery != NULL) {
+        ret->propquery = OPENSSL_strdup(propquery);
+        if (ret->propquery == NULL) {
+            EVP_KEYMGMT_free(keymgmt);
+            return NULL;
+        }
+    }
     ret->libctx = libctx;
-    ret->propquery = propquery;
     ret->keytype = keytype;
     ret->keymgmt = keymgmt;
     ret->legacy_keytype = id;   /* TODO: Remove when #legacy key are gone */
@@ -397,6 +402,7 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
 #endif
     EVP_KEYMGMT_free(ctx->keymgmt);
 
+    OPENSSL_free(ctx->propquery);
     EVP_PKEY_free(ctx->pkey);
     EVP_PKEY_free(ctx->peerkey);
 #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
@@ -474,7 +480,14 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
     rctx->operation = pctx->operation;
     rctx->libctx = pctx->libctx;
     rctx->keytype = pctx->keytype;
-    rctx->propquery = pctx->propquery;
+    rctx->propquery = NULL;
+    if (pctx->propquery != NULL) {
+        rctx->propquery = OPENSSL_strdup(pctx->propquery);
+        if (rctx->propquery == NULL) {
+            OPENSSL_free(rctx);
+            return NULL;
+        }
+    }
 
     if (EVP_PKEY_CTX_IS_DERIVE_OP(pctx)) {
         if (pctx->op.kex.exchange != NULL) {
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 6eac2a0b63..c6cbd787a7 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -43,7 +43,7 @@ struct evp_pkey_ctx_st {
      * this context
      */
     OSSL_LIB_CTX *libctx;
-    const char *propquery;
+    char *propquery;
     const char *keytype;
     EVP_KEYMGMT *keymgmt;
 
-- 
GitLab