Commit 5efde2afed for openssl.org

commit 5efde2afedb23b12c7f42c8f6a1daa37a617220d
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date:   Sun Mar 22 22:59:45 2026 +1100

    Fix DSA sig dupctx pointer aliasing

    Same aliasing issue as with ECDSA in

        https://github.com/openssl/openssl/pull/30479

    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
    MergeDate: Tue Mar 24 15:45:34 2026
    (Merged from https://github.com/openssl/openssl/pull/30529)

diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c
index e2f093b556..c68980af76 100644
--- a/providers/implementations/signature/dsa_sig.c
+++ b/providers/implementations/signature/dsa_sig.c
@@ -641,13 +641,14 @@ static void *dsa_dupctx(void *vpdsactx)
     if (!ossl_prov_is_running())
         return NULL;

-    dstctx = OPENSSL_zalloc(sizeof(*srcctx));
-    if (dstctx == NULL)
+    if ((dstctx = OPENSSL_memdup(srcctx, sizeof(*srcctx))) == NULL)
         return NULL;

-    *dstctx = *srcctx;
     dstctx->dsa = NULL;
     dstctx->propq = NULL;
+    dstctx->md = NULL;
+    dstctx->mdctx = NULL;
+    dstctx->sig = NULL;

     if (srcctx->dsa != NULL && !DSA_up_ref(srcctx->dsa))
         goto err;
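Review bot: The run of `= NULL` resets after `OPENSSL_memdup()` relies on an unstated invariant that deserves a comment: every pointer member the context owns must be cleared before the first `goto err`, otherwise the cleanup path would presumably release objects still owned by `srcctx`. A line such as `/* memdup copied src's owned pointers; clear them all so the err path cannot free src's objects */` above `dstctx->dsa = NULL;` would make that explicit for whoever adds the next pointer field. The struct definition and the body after `err:` are outside this hunk, so it is worth checking against the struct that these five members are the complete set of owned pointers.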
@@ -657,18 +658,15 @@ static void *dsa_dupctx(void *vpdsactx)
         goto err;
     dstctx->md = srcctx->md;

-    if (srcctx->mdctx != NULL) {
-        dstctx->mdctx = EVP_MD_CTX_new();
-        if (dstctx->mdctx == NULL
-            || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
-            goto err;
-    }
-
-    if (srcctx->propq != NULL) {
-        dstctx->propq = OPENSSL_strdup(srcctx->propq);
-        if (dstctx->propq == NULL)
-            goto err;
-    }
+    if (srcctx->mdctx != NULL
+        && (dstctx->mdctx = EVP_MD_CTX_dup(srcctx->mdctx)) == NULL)
+        goto err;
+    if (srcctx->propq != NULL
+        && ((dstctx->propq = OPENSSL_strdup(srcctx->propq)) == NULL))
+        goto err;
+    if (srcctx->sig != NULL
+        && ((dstctx->sig = OPENSSL_memdup(srcctx->sig, srcctx->siglen)) == NULL))
+        goto err;

     return dstctx;
 err:
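Review bot: The `sig` copy at `OPENSSL_memdup(srcctx->sig, srcctx->siglen)` treats a NULL return as allocation failure, which is only correct if `siglen` is never 0 while `sig` is non-NULL; as far as I know `OPENSSL_memdup` returns NULL for a zero size. The `dsa_sigalg_set_ctx_params` hunk of this commit enforces that invariant, but nothing here states it. A comment such as `/* sig != NULL implies siglen > 0, see dsa_sigalg_set_ctx_params() */` would tie the two places together. As a minor style point, the `propq` and `sig` conditions wrap the comparison in an extra pair of parentheses that the `mdctx` condition does not use. The function body starts before this hunk, so any earlier handling of `sig` is not visible.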
@@ -957,6 +955,12 @@ static int dsa_sigalg_set_ctx_params(void *vpdsactx, const OSSL_PARAM params[])
             if (!OSSL_PARAM_get_octet_string(p.sig, (void **)&pdsactx->sig,
                     0, &pdsactx->siglen))
                 return 0;
+            /* The signature must not be empty */
+            if (pdsactx->siglen == 0) {
+                OPENSSL_free(pdsactx->sig);
+                pdsactx->sig = NULL;
+                return 0;
+            }
         }
     }
     return 1;
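Review bot: The new empty-signature branch returns 0 without putting anything on the error queue, so a caller gets a bare failure from set_ctx_params with no reason attached. Consider adding `ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_SIGNATURE_SIZE);` before `return 0;`, assuming that reason code fits this file's conventions. The comment could also say why the case is rejected, for example `/* An empty signature is invalid, and its zero-length buffer cannot be duplicated in dsa_dupctx() */`. The function starts and ends outside this hunk, so other places that assign `pdsactx->sig` cannot be checked from here.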