You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The root cause for the bug above is that ENGINE_set1_engine() is called in load_privkey(), but its return value is not checked. The failure in ENGINE_get_pkey_meths(), called internally in ENGINE_set1_engine(), is ignored.
So the returned EVP_PKEY does not contain a reference to the engine in pkey_meths (but contains all other data necessary to perform signatures).
When ENGINE_finish() is called, the reference counter for the engine reaches zero, and the structures are freed.
Then, when the openssl application exits, the destructors are called and they try to free the engine structures again, causing a double free and core dump.
The fix is to make ENGINE_get_pkey_meths() to report properly if the PKCS11 module supports EC methods.
The text was updated successfully, but these errors were encountered:
This bug was originally reported in https://bugzilla.redhat.com/show_bug.cgi?id=1619184
The root cause for the bug above is that ENGINE_set1_engine() is called in load_privkey(), but its return value is not checked. The failure in ENGINE_get_pkey_meths(), called internally in ENGINE_set1_engine(), is ignored.
So the returned EVP_PKEY does not contain a reference to the engine in pkey_meths (but contains all other data necessary to perform signatures).
When ENGINE_finish() is called, the reference counter for the engine reaches zero, and the structures are freed.
Then, when the openssl application exits, the destructors are called and they try to free the engine structures again, causing a double free and core dump.
The fix is to make ENGINE_get_pkey_meths() to report properly if the PKCS11 module supports EC methods.
The text was updated successfully, but these errors were encountered: