fix use-after-free on PKCS11_pkey_meths.

OpenSC · Aug 14, 2019 · e64496a · e64496a
1 parent 21668cc
commit e64496a
Showing 1 changed file with 4 additions and 6 deletions.
diff --git a/src/p11_pkey.c b/src/p11_pkey.c
@@ -666,8 +666,8 @@ int PKCS11_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth,
 		EVP_PKEY_EC,
 		0
 	};
-	static EVP_PKEY_METHOD *pkey_method_rsa = NULL;
-	static EVP_PKEY_METHOD *pkey_method_ec = NULL;
+	EVP_PKEY_METHOD *pkey_method_rsa = NULL;
+	EVP_PKEY_METHOD *pkey_method_ec = NULL;
 
 	(void)e; /* squash the unused parameter warning */
 	/* all PKCS#11 engines currently share the same pkey_meths */
@@ -680,16 +680,14 @@ int PKCS11_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth,
 	/* get the EVP_PKEY_METHOD */
 	switch (nid) {
 	case EVP_PKEY_RSA:
-		if (pkey_method_rsa == NULL)
-			pkey_method_rsa = pkcs11_pkey_method_rsa();
+		pkey_method_rsa = pkcs11_pkey_method_rsa();
 		if (pkey_method_rsa == NULL)
 			return 0;
 		*pmeth = pkey_method_rsa;
 		return 1; /* success */
 #ifndef OPENSSL_NO_EC
 	case EVP_PKEY_EC:
-		if (pkey_method_ec == NULL)
-			pkey_method_ec = pkcs11_pkey_method_ec();
+		pkey_method_ec = pkcs11_pkey_method_ec();
 		if (pkey_method_ec == NULL)
 			return 0;
 		*pmeth = pkey_method_ec;