]> granicus.if.org Git - openssl/commitdiff
Prevent an infinite recursion when the query cache is flushed.
authorPauli <paul.dale@oracle.com>
Wed, 31 Jul 2019 09:31:45 +0000 (19:31 +1000)
committerPauli <paul.dale@oracle.com>
Thu, 1 Aug 2019 05:41:30 +0000 (15:41 +1000)
The problem being that the "requires flush" flag was being cleared after the
the flush.  The fix is to clear it before.  This is a problem because the
cache flushing called RAND_bytes and if the DRBG hadn't been created yet, it
would be queried and added to the cache causing the flush code to repeat.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9477)

crypto/property/property.c

index a92968c9020c3d058a5d2a2209a7be0e91e50b13..cab2ab243eddb942855375d525b64f9d4153c046 100644 (file)
@@ -429,8 +429,8 @@ static void ossl_method_cache_flush_some(OSSL_METHOD_STORE *store)
     state.nelem = 0;
     if ((state.seed = OPENSSL_rdtsc()) == 0)
         state.seed = 1;
-    ossl_sa_ALGORITHM_doall_arg(store->algs, &impl_cache_flush_one_alg, &state);
     store->need_flush = 0;
+    ossl_sa_ALGORITHM_doall_arg(store->algs, &impl_cache_flush_one_alg, &state);
     store->nelem = state.nelem;
 }