From cf3bf39f142369f2a8000f33f18b7d9b599fcddb Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tomas@openssl.org>
Date: Wed, 8 Jun 2022 17:48:39 +0200
Subject: sm2_dupctx: Avoid potential use after free of the md

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18494)

(cherry picked from commit 926c698c6f0a197e0322d4617db0ecd0d40f6e06)
---
 providers/implementations/asymciphers/sm2_enc.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'providers')

diff --git a/providers/implementations/asymciphers/sm2_enc.c b/providers/implementations/asymciphers/sm2_enc.c
index 9577d16e83..ddb2cfc14a 100644
--- a/providers/implementations/asymciphers/sm2_enc.c
+++ b/providers/implementations/asymciphers/sm2_enc.c
@@ -138,6 +138,8 @@ static void *sm2_dupctx(void *vpsm2ctx)
         return NULL;
 
     *dstctx = *srcctx;
+    memset(&dstctx->md, 0, sizeof(dstctx->md));
+
     if (dstctx->key != NULL && !EC_KEY_up_ref(dstctx->key)) {
         OPENSSL_free(dstctx);
         return NULL;
-- 
cgit v1.2.3