Add locking to CRYPTO_secure_used

Coverity issue 1551719 noted CRYPTO_secure_used referenced a shared variable without taking the appropriate read lock. Add that. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/22802) (cherry picked from commit 7eae6ee0e503b0961d4f2e75baac981f2766b892)
author: Neil Horman <nhorman@openssl.org> 2023-11-22 14:20:39 -0500
committer: Neil Horman <nhorman@openssl.org> 2023-12-01 09:42:13 -0500
commit: 0d96d00f1f42b1fc67d963602466e1bbf37900a3 (patch)
tree: 22d3306877117205aa0834671ccd519492b7aede /crypto
parent: a3d6fc8cf7059cfbe32e56d6ac810fed0872a449 (diff)
1 files changed, 9 insertions, 3 deletions
diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
index e1a3193477..b6bdb6bb43 100644
--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@@ -238,11 +238,17 @@ int CRYPTO_secure_allocated(const void *ptr)
 
 size_t CRYPTO_secure_used(void)
 {
+    size_t ret = 0;
+
 #ifndef OPENSSL_NO_SECURE_MEMORY
-    return secure_mem_used;
-#else
-    return 0;
+    if (!CRYPTO_THREAD_read_lock(sec_malloc_lock))
+        return 0;
+
+    ret = secure_mem_used;
+
+    CRYPTO_THREAD_unlock(sec_malloc_lock);
 #endif /* OPENSSL_NO_SECURE_MEMORY */
+    return ret;
 }
 
 size_t CRYPTO_secure_actual_size(void *ptr)
author	Neil Horman <nhorman@openssl.org>	2023-11-22 14:20:39 -0500
committer	Neil Horman <nhorman@openssl.org>	2023-12-01 09:42:13 -0500
commit	0d96d00f1f42b1fc67d963602466e1bbf37900a3 (patch)
tree	22d3306877117205aa0834671ccd519492b7aede /crypto
parent	a3d6fc8cf7059cfbe32e56d6ac810fed0872a449 (diff)