Fix a mem leak when the FIPS provider is used in a different thread

We were neglecting to register the main thread to receive thread stop notifications. This is important if the thread that starts the FIPS provider is not the same one that is used when OPENSSL_cleanup() is called. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21964)
author: Matt Caswell <matt@openssl.org> 2023-09-25 16:44:47 +0100
committer: Matt Caswell <matt@openssl.org> 2023-09-27 17:23:04 +0100
commit: be203ea3d3a60a881993d1f7552084996d34ba0a (patch)
tree: 3c080b7221229a5d1b6b2649cba90bc35ed3ced0 /providers
parent: 1a18596149a325a679f8244bac52b6796dfcc48e (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 607ee11763..7ec409710b 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -706,6 +706,15 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle,
     fgbl->handle = handle;
 
     /*
+     * We need to register this thread to receive thread lifecycle callbacks.
+     * This wouldn't matter if the current thread is also the same thread that
+     * closes the FIPS provider down. But if that happens on a different thread
+     * then memory leaks could otherwise occur.
+     */
+    if (!ossl_thread_register_fips(libctx))
+        goto err;
+
+    /*
      * We did initial set up of selftest_params in a local copy, because we
      * could not create fgbl until c_CRYPTO_zalloc was defined in the loop
      * above.
author	Matt Caswell <matt@openssl.org>	2023-09-25 16:44:47 +0100
committer	Matt Caswell <matt@openssl.org>	2023-09-27 17:23:04 +0100
commit	be203ea3d3a60a881993d1f7552084996d34ba0a (patch)
tree	3c080b7221229a5d1b6b2649cba90bc35ed3ced0 /providers
parent	1a18596149a325a679f8244bac52b6796dfcc48e (diff)