sm2_dupctx: Avoid potential use after free of the md

Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18494)
author: Tomas Mraz <tomas@openssl.org> 2022-06-08 17:48:39 +0200
committer: Tomas Mraz <tomas@openssl.org> 2022-06-10 14:06:57 +0200
commit: 926c698c6f0a197e0322d4617db0ecd0d40f6e06 (patch)
tree: 01ecaa83437cb0abc9076ff9b336ea03c06c117b /providers/implementations
parent: d8732803c493cba7a863c5c16da62ee9d611c5ca (diff)
download: openssl-new-926c698c6f0a197e0322d4617db0ecd0d40f6e06.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/providers/implementations/asymciphers/sm2_enc.c b/providers/implementations/asymciphers/sm2_enc.c
index 9577d16e83..ddb2cfc14a 100644
--- a/providers/implementations/asymciphers/sm2_enc.c
+++ b/providers/implementations/asymciphers/sm2_enc.c
@@ -138,6 +138,8 @@ static void *sm2_dupctx(void *vpsm2ctx)
         return NULL;
 
     *dstctx = *srcctx;
+    memset(&dstctx->md, 0, sizeof(dstctx->md));
+
     if (dstctx->key != NULL && !EC_KEY_up_ref(dstctx->key)) {
         OPENSSL_free(dstctx);
         return NULL;
author	Tomas Mraz <tomas@openssl.org>	2022-06-08 17:48:39 +0200
committer	Tomas Mraz <tomas@openssl.org>	2022-06-10 14:06:57 +0200
commit	926c698c6f0a197e0322d4617db0ecd0d40f6e06 (patch)
tree	01ecaa83437cb0abc9076ff9b336ea03c06c117b /providers/implementations
parent	d8732803c493cba7a863c5c16da62ee9d611c5ca (diff)
download	openssl-new-926c698c6f0a197e0322d4617db0ecd0d40f6e06.tar.gz