Fix a crash with multi-threaded applications using the FIPS module

The FIPS implementation of the ossl_ctx_thread_stop function needs to use an OSSL_LIB_CTX - but gets passed a provctx as an argument. It was assuming that these are the same thing (which was true at one point during development) - but that is no longer the case. The fix is to get the OSSL_LIB_CTX out of the provctx. Fixes #13469 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13660)
2025-04-28 18:54:36 +00:00 · 2020-12-10 14:44:25 +00:00 · 2020-12-10 14:44:25 +00:00 · f6b72c7d75
commit f6b72c7d75
parent c476c06f50
1 changed files with 4 additions and 2 deletions
--- a/crypto/initthread.c
+++ b/crypto/initthread.c
@ -14,6 +14,8 @@
 #include "internal/thread_once.h"

 #ifdef FIPS_MODULE
+#include "prov/provider_ctx.h"
+
 /*
 * Thread aware code may want to be told about thread stop events. We register
 * to hear about those thread stop events when we see a new thread has started.
@ -281,7 +283,7 @@ static const OSSL_LIB_CTX_METHOD thread_event_ossl_ctx_method = {
 void ossl_ctx_thread_stop(void *arg)
 {
    THREAD_EVENT_HANDLER **hands;
-    OSSL_LIB_CTX *ctx = arg;
+    OSSL_LIB_CTX *ctx = PROV_LIBCTX_OF(arg);
    CRYPTO_THREAD_LOCAL *local
        = ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_THREAD_EVENT_HANDLER_INDEX,
                                &thread_event_ossl_ctx_method);
@ -289,7 +291,7 @@ void ossl_ctx_thread_stop(void *arg)
    if (local == NULL)
        return;
    hands = init_get_thread_local(local, 0, 0);
-    init_thread_stop(arg, hands);
+    init_thread_stop(ctx, hands);
    OPENSSL_free(hands);
 }
 #endif /* FIPS_MODULE */