Double free detected when using context-string with oqs-provider
Describe the bug
I tried using the context-string feature recently added to oqs-provider. Here's the OpenSSL command I executed:
openssl dgst -provider default -provider oqsprovider -sign key.pem \
-sigopt context-string:1122 -out sign.bin msg.bin
However, the command resulted in the following error and abnormal termination:
double free detected
Is this the correct way to use the feature?
To Reproduce
Steps to reproduce the behavior:
- Use oqs-provider with a key file (key.pem) and a message file (msg.bin).
- Run the above OpenSSL command.
- Observe the "double free detected" error.
Suggested Fix
I modified the code as follows, and the "double free detected" issue no longer occurred:
diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c
index b6f07a70..000c7dfb 100644
--- a/oqsprov/oqs_sig.c
+++ b/oqsprov/oqs_sig.c
@@ -1213,8 +1213,8 @@ static void oqs_sig_freectx(void *vpoqs_sigctx) {
OPENSSL_free(ctx->aid);
ctx->aid = NULL;
ctx->aid_len = 0;
- OPENSSL_free(ctx->context_string);
- ctx->context_string = NULL;
+// OPENSSL_free(ctx->context_string);
+// ctx->context_string = NULL;
ctx->context_string_length = 0;
OPENSSL_free(ctx);
}
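Review bot: Commenting out the OPENSSL_free(ctx->context_string) call in oqs_sig_freectx removes the only release of that buffer visible in this hunk, so a context string the provider allocated would now leak each time a context is freed. A double free means the same pointer is also released somewhere outside these lines, and that second release (or a pointer shared between two contexts) is what needs to be found and fixed. I would keep the free here, add a regression test that runs the -sigopt context-string: command from the report, and trace where ownership of context_string is duplicated. If the free really does have to go, delete the two lines rather than leaving them behind as // comments, which also break the surrounding indentation.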
This fix comments out the deallocation of ctx->context_string.
Environment
- OS: Ubuntu 22.04.1
- OpenSSL version 3.4.0
- oqsprovider version 0.8.0
Thanks for the report, @nakano-7107!
Is this the correct way to use the feature?
It seems so -- but I've got to admit we don't have a test case for that, so you may very well have hit on a problem.
Would you be willing to add a test case and fix proposal via PR?
However, I'm not entirely convinced that your change is the correct fix; I have the hunch that the allocation in OSSL_PARAM_get_octet_string is the probable culprit (with openssl core managing the memory and not oqsprovider). But let's see when we add the test case, e.g., to any of the command line tests triggered by "scripts/runtests.sh".
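An added example, not code from oqs-provider or from either poster: a small C model of one ownership discipline under which the free in a context destructor is safe, as an alternative to removing it. The names sig_ctx, ctx_set, ctx_dup, ctx_free and ownership_selftest are hypothetical, malloc/free stand in for the OpenSSL allocator, and the model does not identify the cause of the reported crash.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the provider's context: only the two fields from the patch. */
typedef struct {
    unsigned char *context_string;
    size_t context_string_length;
} sig_ctx;

/* Setter: take a private copy first, then release the previous buffer. */
int ctx_set(sig_ctx *ctx, const unsigned char *in, size_t len) {
    unsigned char *copy = NULL;
    if (len > 0) {
        if (in == NULL || (copy = malloc(len)) == NULL) return 0;
        memcpy(copy, in, len);
    }
    free(ctx->context_string);
    ctx->context_string = copy;
    ctx->context_string_length = len;
    return 1;
}

/* Duplicate: deep copy, so no two contexts ever hold the same pointer. */
sig_ctx *ctx_dup(const sig_ctx *src) {
    sig_ctx *dst = calloc(1, sizeof(*dst));
    if (dst == NULL) return NULL;
    if (ctx_set(dst, src->context_string, src->context_string_length)) return dst;
    free(dst);
    return NULL;
}

/* Free: each context is sole owner of its buffer, so exactly one free is correct. */
void ctx_free(sig_ctx *ctx) {
    if (ctx != NULL) free(ctx->context_string);
    free(ctx);
}

/* Returns 1 when a duplicate stays valid after its source is freed (constructed input "1122"). */
int ownership_selftest(void) {
    sig_ctx *a = calloc(1, sizeof(*a)), *b = NULL;
    int ok = 0;
    if (a != NULL && ctx_set(a, (const unsigned char *)"1122", 4)) b = ctx_dup(a);
    if (b != NULL) ok = b->context_string != a->context_string;
    ctx_free(a);
    ok = ok && memcmp(b->context_string, "1122", 4) == 0;
    ctx_free(b);
    return ok;
}

int main(void) { return ownership_selftest() ? 0 : 1; }
```

Running a model like this under AddressSanitizer or valgrind shows neither a leak nor a double free, which is the property a regression test for the real context-string path would need to establish.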