crypto/engine/eng_devcrypto.c: ensure we don't leak resources

If engine building fails for some reason, we must make sure to close the /dev/crypto handle. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/7506)
author: Richard Levitte <levitte@openssl.org> 2018-11-02 10:24:24 +0100
committer: Richard Levitte <levitte@openssl.org> 2018-11-02 20:21:59 +0100
commit: 681e8cacdbdc44ac00af29b6656fc52745a9baa2 (patch)
tree: 3ae685d6c453fd2d61fb27fbe4d95413a8eb1f0e /crypto/engine
parent: 458c7dad9e3f59490fb0908c1a27ca39e4cf38dd (diff)
1 files changed, 10 insertions, 2 deletions
diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
index a15dc95a6e..4a0ba09a38 100644
--- a/crypto/engine/eng_devcrypto.c
+++ b/crypto/engine/eng_devcrypto.c
@@ -624,12 +624,20 @@ void engine_load_devcrypto_int()
     prepare_digest_methods();
 #endif
 
-    if ((e = ENGINE_new()) == NULL)
+    if ((e = ENGINE_new()) == NULL
+        || !ENGINE_set_destroy_function(e, devcrypto_unload)) {
+        ENGINE_free(e);
+        /*
+         * We know that devcrypto_unload() won't be called when one of the
+         * above two calls have failed, so we close cfd explicitly here to
+         * avoid leaking resources.
+         */
+        close(cfd);
         return;
+    }
 
     if (!ENGINE_set_id(e, "devcrypto")
         || !ENGINE_set_name(e, "/dev/crypto engine")
-        || !ENGINE_set_destroy_function(e, devcrypto_unload)
 
 /*
  * Asymmetric ciphers aren't well supported with /dev/crypto.  Among the BSD
author	Richard Levitte <levitte@openssl.org>	2018-11-02 10:24:24 +0100
committer	Richard Levitte <levitte@openssl.org>	2018-11-02 20:21:59 +0100
commit	681e8cacdbdc44ac00af29b6656fc52745a9baa2 (patch)
tree	3ae685d6c453fd2d61fb27fbe4d95413a8eb1f0e /crypto/engine
parent	458c7dad9e3f59490fb0908c1a27ca39e4cf38dd (diff)