evp: address a use after free state when using HMAC and MD copy.

Fixes #17261 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17263) (cherry picked from commit ad2fcee1632d3f21a37e8e108d4c0dcf9099686d)
author: Pauli <pauli@openssl.org> 2021-12-13 12:16:18 +1100
committer: Pauli <pauli@openssl.org> 2021-12-17 14:41:21 +1100
commit: 9a4e7d863fa5a65b0efef96c1c4891864aac036f (patch)
tree: 08a3cf95d5aa2553ebfef728825c09adae52a548 /crypto/evp
parent: 7a2e2f291badb58796d4fd3672f381f3e7a8323d (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index d3a28fa351..d92059cbcc 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -520,7 +520,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
         if (out->fetched_digest != NULL)
             EVP_MD_free(out->fetched_digest);
         *out = *in;
-        return 1;
+        goto clone_pkey;
     }
 
     if (in->digest->prov == NULL
@@ -551,6 +551,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
         }
     }
 
+ clone_pkey:
     /* copied EVP_MD_CTX should free the copied EVP_PKEY_CTX */
     EVP_MD_CTX_clear_flags(out, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
 #ifndef FIPS_MODULE
author	Pauli <pauli@openssl.org>	2021-12-13 12:16:18 +1100
committer	Pauli <pauli@openssl.org>	2021-12-17 14:41:21 +1100
commit	9a4e7d863fa5a65b0efef96c1c4891864aac036f (patch)
tree	08a3cf95d5aa2553ebfef728825c09adae52a548 /crypto/evp
parent	7a2e2f291badb58796d4fd3672f381f3e7a8323d (diff)