Skip to content

crypto: Fix double EVP_MAC_free bug#10859

Open
sverker wants to merge 1 commit intoerlang:maint-27from
sverker:sverker/crypto/EVP_MAC-double-free/OTP-20041
Open

crypto: Fix double EVP_MAC_free bug#10859
sverker wants to merge 1 commit intoerlang:maint-27from
sverker:sverker/crypto/EVP_MAC-double-free/OTP-20041

Conversation

@sverker
Copy link
Contributor

@sverker sverker commented Mar 16, 2026
edited
Loading

Fix #10794.

Caused by crypto:mac_init doing EVP_MAC_fetch without matching EVP_MAC_free. An internal 32-bit signed reference counter could overflow into negative after ~2 billion calls to crypto:mac_init and lead to a double-free crash.

Already fixed in OTP 28.0 by #9119.

Cherry-picked f2acfa0.

@qzhuyan @sverker
crypto: Call EVP_MAC_fetch once at load and free at unload
1ec3ed9 
Cherry-picked f2acfa0

In the doc of EVP_MAC_fetch(), https://docs.openssl.org/3.0/man3/EVP_MAC
"The returned value must eventually be freed with EVP_MAC_free(3)."

Co-authored-by: Sverker Eriksson <sverker@erlang.org>
Co-authored-by: William Yang <mscame@gmail.com>
@sverker sverker self-assigned this Mar 16, 2026
@sverker sverker added team:VM Assigned to OTP team VM fix labels Mar 16, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Mar 16, 2026
edited
Loading

CT Test Results

  2 files   14 suites   5m 55s ⏱️
187 tests 173 ✅  14 💤 0 ❌
469 runs  330 ✅ 139 💤 0 ❌

Results for commit 1ec3ed9.

♻️ This comment has been updated with latest results.

To speed up review, make sure that you have read Contributing to Erlang/OTP and that all checks pass.

See the TESTING and DEVELOPMENT HowTo guides for details about how to run test locally.

Artifacts

// Erlang/OTP Github Action Bot

@sverker
Copy link
Contributor Author

sverker commented Mar 16, 2026

Note to self: Based on maint-27 to avoid merge conflicts. Do manual merge.

      DO NOT CLICK MERGE!

@sverker sverker mentioned this pull request Mar 16, 2026
Closed
@sverker sverker requested a review from Copilot March 16, 2026 17:23
Copilot AI reviewed Mar 16, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes an OpenSSL 3 EVP_MAC_fetch() lifetime issue in the streaming MAC NIF (crypto:mac_init/3) by ensuring fetched EVP_MAC objects are freed, preventing long-running refcount overflow that can lead to a double-free crash.

Changes:

  • Cache EVP_MAC* per MAC algorithm at NIF load time (OpenSSL 3) instead of fetching per mac_init call.
  • Add fini_mac_types() to release cached EVP_MAC* objects during NIF unload.
  • Minor destructor hardening by guarding the context free with braces.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
lib/crypto/c_src/mac.h Exposes fini_mac_types() for cleanup on unload.
lib/crypto/c_src/mac.c Adds cached OpenSSL 3 EVP_MAC storage/fetch and unload-time freeing; updates mac_init_nif to reuse cached handles.
lib/crypto/c_src/crypto.c Calls fini_mac_types() during unload (OpenSSL 3 path) before provider unload.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@sverker sverker

Labels

fix team:VM Assigned to OTP team VM

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sverker @qzhuyan