Commit 1a1f568798 for openssl.org

commit 1a1f5687989fbdea5be55132df09fab7145dd072
Author: 007bsd <22483432+007bsd@users.noreply.github.com>
Date:   Mon May 4 20:07:29 2026 +0300

    Fix function pointer type mismatch when freeing ML-KEM keys

    ossl_ml_kem_key_free is declared as void(ML_KEM_KEY *) but registered
    directly in the ML-KEM keymgmt OSSL_DISPATCH table for
    OSSL_FUNC_KEYMGMT_FREE, which is invoked through a void(*)(void *)
    pointer in evp_keymgmt_freedata. Calling a function through a pointer
    to an incompatible function type is undefined behavior and is
    reported by UndefinedBehaviorSanitizer on every ML-KEM key free:

        crypto/evp/keymgmt_meth.c:392:5: runtime error: call to function
          ossl_ml_kem_key_free through pointer to incorrect function type
          'void (*)(void *)'
        crypto/ml_kem/ml_kem.c:1751: note: ossl_ml_kem_key_free defined here

    Mirror the wrapper pattern used by ml_dsa_free_key, slh_dsa_free_key,
    dsa_freedata, ec_freedata, and lms_free_key: add a small static
    ml_kem_free_key with the correct OSSL_FUNC_keymgmt_free_fn signature
    that forwards to ossl_ml_kem_key_free, and register the wrapper in
    the dispatch table. The existing direct callers of
    ossl_ml_kem_key_free in ml_kem_kmgmt.c are unchanged since they pass
    a typed ML_KEM_KEY *.

    CLA: trivial

    Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
    Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
    Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
    MergeDate: Thu May 14 09:31:57 2026
    (Merged from https://github.com/openssl/openssl/pull/31078)

diff --git a/providers/implementations/keymgmt/ml_kem_kmgmt.c b/providers/implementations/keymgmt/ml_kem_kmgmt.c
index 237c923960..8477cd9340 100644
--- a/providers/implementations/keymgmt/ml_kem_kmgmt.c
+++ b/providers/implementations/keymgmt/ml_kem_kmgmt.c
@@ -35,6 +35,7 @@
 static OSSL_FUNC_keymgmt_new_fn ml_kem_512_new;
 static OSSL_FUNC_keymgmt_new_fn ml_kem_768_new;
 static OSSL_FUNC_keymgmt_new_fn ml_kem_1024_new;
+static OSSL_FUNC_keymgmt_free_fn ml_kem_free_key;
 static OSSL_FUNC_keymgmt_gen_fn ml_kem_gen;
 static OSSL_FUNC_keymgmt_gen_init_fn ml_kem_512_gen_init;
 static OSSL_FUNC_keymgmt_gen_init_fn ml_kem_768_gen_init;
@@ -826,6 +827,11 @@ static void *ml_kem_dup(const void *vkey, int selection)
     return ossl_ml_kem_key_dup(key, selection);
 }

+static void ml_kem_free_key(void *keydata)
+{
+    ossl_ml_kem_key_free((ML_KEM_KEY *)keydata);
+}
+
 #ifndef FIPS_MODULE
 #define DISPATCH_LOAD_FN \
     { OSSL_FUNC_KEYMGMT_LOAD, (OSSL_FUNC)ml_kem_load },
@@ -848,7 +854,7 @@ static void *ml_kem_dup(const void *vkey, int selection)
     }                                                                                     \
     const OSSL_DISPATCH ossl_ml_kem_##bits##_keymgmt_functions[] = {                      \
         { OSSL_FUNC_KEYMGMT_NEW, (OSSL_FUNC)ml_kem_##bits##_new },                        \
-        { OSSL_FUNC_KEYMGMT_FREE, (OSSL_FUNC)ossl_ml_kem_key_free },                      \
+        { OSSL_FUNC_KEYMGMT_FREE, (OSSL_FUNC)ml_kem_free_key },                           \
         { OSSL_FUNC_KEYMGMT_GET_PARAMS, (OSSL_FUNC)ml_kem_get_params },                   \
         { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (OSSL_FUNC)ml_kem_gettable_params },         \
         { OSSL_FUNC_KEYMGMT_SET_PARAMS, (OSSL_FUNC)ml_kem_set_params },                   \