Commit 7d926166de for openssl.org

commit 7d926166de0a86d3aae716c682fa295722e04f49
Author: Dr. David von Oheimb <dev@ddvo.net>
Date:   Wed Oct 22 15:28:29 2025 +0200

    cmp_vfy.c: fix crash on attempting to use invalidated sender cert on producing diagnostic information

    Reviewed-by: Neil Horman <nhorman@openssl.org>
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/28973)

diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c
index 01c7422c38..16541d1af3 100644
--- a/crypto/cmp/cmp_vfy.c
+++ b/crypto/cmp/cmp_vfy.c
@@ -507,11 +507,11 @@ static int check_msg_find_cert(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
             return 1;
         }
         /* cached sender cert has shown to be no more successfully usable */
-        (void)ossl_cmp_ctx_set1_validatedSrvCert(ctx, NULL);
         /* re-do the above check (just) for adding diagnostic information */
         ossl_cmp_info(ctx,
             "trying to verify msg signature with previously validated cert");
         (void)check_msg_given_cert(ctx, scrt, msg);
+        (void)ossl_cmp_ctx_set1_validatedSrvCert(ctx, NULL); /* this invalidates scrt */
     }

     res = check_msg_all_certs(ctx, msg, 0 /* using ctx->trusted */)