Fix a mem leak when the FIPS provider is used in a different thread

We were neglecting to register the main thread to receive thread stop notifications. This is important if the thread that starts the FIPS provider is not the same one that is used when OPENSSL_cleanup() is called. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22210)
author: Matt Caswell <matt@openssl.org> 2023-09-25 16:44:47 +0100
committer: Pauli <pauli@openssl.org> 2023-10-03 18:54:03 +1100
commit: 6b3f7f0b28afc3e25ce505e5fde2d9f2b50cdb9e (patch)
tree: 5436342c0d94876eb85a340b1477ae4468fb05b2 /providers
parent: 354053395fbd20e5efb584427b5da9be9231fd93 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 0cd5e1bba2..bf22e907bc 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -700,6 +700,15 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle,
     fgbl->handle = handle;
 
     /*
+     * We need to register this thread to receive thread lifecycle callbacks.
+     * This wouldn't matter if the current thread is also the same thread that
+     * closes the FIPS provider down. But if that happens on a different thread
+     * then memory leaks could otherwise occur.
+     */
+    if (!ossl_thread_register_fips(libctx))
+        goto err;
+
+    /*
      * We did initial set up of selftest_params in a local copy, because we
      * could not create fgbl until c_CRYPTO_zalloc was defined in the loop
      * above.
author	Matt Caswell <matt@openssl.org>	2023-09-25 16:44:47 +0100
committer	Pauli <pauli@openssl.org>	2023-10-03 18:54:03 +1100
commit	6b3f7f0b28afc3e25ce505e5fde2d9f2b50cdb9e (patch)
tree	5436342c0d94876eb85a340b1477ae4468fb05b2 /providers
parent	354053395fbd20e5efb584427b5da9be9231fd93 (diff)