Description
Hi there! I'm using pkcs11.dll to load cryptoki.dll. I've got a stable crash when cryptoki.dll initializes with an error.
Detailed description. When we load the module (util_uri.c, line 174), we call pkcs11_CTX_load(). After the module is successfully loaded (p11_load.c, line 99), both the method and handle members of the cpriv structure are initialized. Then we call pkcs11_initialize() (p11_load.c, line 105). However, if the C_Initialize() method returns an error (in my case it was 0x80000384 — "General error from secure messaging system – probably caused by HSM failure or network failure"), we unload the module (p11_load.c, lines 106-107). Notice that only the handle member is nulled; method is unchanged, though its pointers are no longer valid. Then we return back to util_ctx_init_libp11(), and it tries to free the module once again, calling UTIL_CTX_free_libp11() (util_uri.c, line 180). Ultimately we end up in pkcs11_CTX_unload() (p11_load.c, line 143). There we check if the module is loaded by checking the method member (p11_load.c, line 147), but it's not null (only handle is cleared). And so we crash when calling cpriv->method->C_Finalize(NULL) (p11_load.c, line 152).
As for the fix, there are a lot of ways to fix it (clear method as well as handle, avoid unloading the module twice, etc.), but the simplest fix is to check both method and handle in p11_load.c, line 147. I've verified this fix and can confirm that it works.
Thanks!
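As an added illustration that is not part of this issue or of libp11's code: a constructed C model of the load/unload pair with the fix described above (clear both members when the module is closed, and check both before calling C_Finalize), so that the extra unload after a failed C_Initialize becomes a no-op instead of a call through a stale function table. The types, function names and the fake module are stand-ins, not libp11's real structures.

```c
#include <stdlib.h>

/* Constructed stand-ins for libp11's types; not the real CK_FUNCTION_LIST / PKCS11_CTX_private. */
typedef struct {
    unsigned long (*C_Initialize)(void *);
    unsigned long (*C_Finalize)(void *);
} FAKE_FUNCTION_LIST;
typedef struct { FAKE_FUNCTION_LIST *method; void *handle; } ctx_private;

static int g_finalize_calls = 0;
static unsigned long g_init_rv = 0;  /* what the fake C_Initialize returns */
static unsigned long fake_initialize(void *a) { (void)a; return g_init_rv; }
static unsigned long fake_finalize(void *a) { (void)a; g_finalize_calls++; return 0; }

/* Like dlclose(): the function table is gone, so clear BOTH members (the fix), not only handle. */
static void module_close(ctx_private *cpriv) {
    free(cpriv->method);
    cpriv->method = NULL;
    cpriv->handle = NULL;
}

/* Mirrors pkcs11_CTX_unload() with the hardened check: both members must be live. */
int ctx_unload(ctx_private *cpriv) {
    if (cpriv->method == NULL || cpriv->handle == NULL)
        return 0;  /* nothing loaded (or already unloaded): no-op instead of a crash */
    cpriv->method->C_Finalize(NULL);
    module_close(cpriv);
    return 0;
}

/* Mirrors pkcs11_CTX_load(): on C_Initialize failure, unload without calling C_Finalize. */
int ctx_load(ctx_private *cpriv, unsigned long init_rv) {
    FAKE_FUNCTION_LIST *fl = malloc(sizeof *fl);
    if (fl == NULL) return -1;
    fl->C_Initialize = fake_initialize; fl->C_Finalize = fake_finalize;
    cpriv->method = fl; cpriv->handle = fl;  /* constructed: any non-NULL token stands in for the dlopen handle */
    g_init_rv = init_rv;
    if (cpriv->method->C_Initialize(NULL) != 0) {
        module_close(cpriv);
        return -1;
    }
    return 0;
}

/* The reported sequence: load, then the caller's extra unload(s). Returns how often C_Finalize ran. */
int finalize_calls_after(unsigned long init_rv) {
    ctx_private c = { NULL, NULL };
    g_finalize_calls = 0;
    (void)ctx_load(&c, init_rv);
    ctx_unload(&c);  /* UTIL_CTX_free_libp11() unloads again after a load error */
    ctx_unload(&c);  /* even a further unload stays a no-op */
    return g_finalize_calls;  /* 0 after a failed init, 1 after a successful one */
}
```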