[PATCH] crypto/openssl: fix use-after-free bug and cleanup

[Pratik Senapati]

params is freed before it is used by
EVP_PKEY_decapsulate_init() causing a
use-after-free issue. Pass NULL to
EVP_PKEY_decapsulate_init() instead of params
to avoid it.

Add resource cleanup for all error paths in the ML-KEM
decapsulate handler and consolidate cleanup into
two goto labels err_pkey and err_decap.

Fixes: 5f761d7b60 ("crypto/openssl: support ML-KEM and ML-DSA")
Cc: stable at dpdk.org
Signed-off-by: Pratik Senapati <psenapati at marvell.com>
---
 .mailmap                                 |  1 +
 drivers/crypto/openssl/rte_openssl_pmd.c | 30 +++++++++++-------------
 2 files changed, 15 insertions(+), 16 deletions(-)

diff --git a/.mailmap b/.mailmap
index 4f93307aed..031becba8c 100644
--- a/.mailmap
+++ b/.mailmap
@@ -1929,3 +1929,4 @@ Zoltan Kiss <zoltan.kiss at schaman.hu> <zoltan.kiss at linaro.org>
 Zorik Machulsky <zorik at amazon.com>
 Zyta Szpak <zyta at marvell.com> <zr at semihalf.com>
 Zyta Szpak <zyta at marvell.com> <zyta.szpak at semihalf.com>
+Pratik Senapati <psenapati at marvell.com>
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..5bc51b8f0f 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -3683,38 +3683,29 @@ mlkem_decap_op_evp(struct rte_crypto_op *cop,
 	}
 
 	cctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL);
-	if (cctx == NULL) {
-		EVP_PKEY_free(pkey);
-		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
-		return -1;
-	}
+	if (cctx == NULL)
+		goto err_pkey;
 
-	if (EVP_PKEY_decapsulate_init(cctx, params) != 1) {
+	if (EVP_PKEY_decapsulate_init(cctx, NULL) != 1) {
 		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
-		return -1;
+		goto err_decap;
 	}
 
 	if (EVP_PKEY_decapsulate(cctx, NULL, &keylen,
 		op->decap.cipher.data, op->decap.cipher.length) != 1) {
 		OPENSSL_LOG(ERR, "Failed to determine output length");
-		EVP_PKEY_free(pkey);
-		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
-		return -1;
+		goto err_decap;
 	}
 
 	if (keylen > op->decap.sk.length) {
 		OPENSSL_LOG(ERR, "Insufficient buffer for shared key");
-		EVP_PKEY_free(pkey);
-		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
-		return -1;
+		goto err_decap;
 	}
 
 	if (EVP_PKEY_decapsulate(cctx, op->decap.sk.data, &keylen,
 			op->decap.cipher.data, op->decap.cipher.length) != 1) {
 		OPENSSL_LOG(ERR, "Failed to decapsulate");
-		EVP_PKEY_free(pkey);
-		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
-		return -1;
+		goto err_decap;
 	}
 
 	op->decap.sk.length = keylen;
@@ -3724,6 +3715,13 @@ mlkem_decap_op_evp(struct rte_crypto_op *cop,
 	ret = 0;
 	cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
 	return ret;
+
+err_decap:
+	EVP_PKEY_CTX_free(cctx);
+err_pkey:
+	EVP_PKEY_free(pkey);
+	cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+	return -1;
 }
 
 static int
-- 
2.43.0