add wolfSSL_Atomic_Ptr_CompareExchange(); mitigate race on ctx->privateKeyPKey in wolfSSL_CTX_get0_privatekey().

Author: douzzer

src/ssl.c

@@ -7605,12 +7605,25 @@ WOLFSSL_EVP_PKEY* wolfSSL_CTX_get0_privatekey(const WOLFSSL_CTX* ctx)
     #ifdef WOLFSSL_BLIND_PRIVATE_KEY
         wolfssl_priv_der_unblind(ctx->privateKey, ctx->privateKeyMask);
     #endif
-        res = wolfSSL_d2i_PrivateKey(type,
-                (WOLFSSL_EVP_PKEY**)&ctx->privateKeyPKey, &key,
+        res = wolfSSL_d2i_PrivateKey(type, NULL, &key,
                 (long)ctx->privateKey->length);
     #ifdef WOLFSSL_BLIND_PRIVATE_KEY
         wolfssl_priv_der_unblind(ctx->privateKey, ctx->privateKeyMask);
     #endif
+        if (res) {
+#ifdef WOLFSSL_ATOMIC_OPS
+            WOLFSSL_EVP_PKEY *current_pkey = NULL;
+            if (! wolfSSL_Atomic_Ptr_CompareExchange(
+                    (void **)&ctx->privateKeyPKey,
+                    (void **)&current_pkey, res))
+            {
+                wolfSSL_EVP_PKEY_free(res);
+                res = current_pkey;
+            }
+#else
+            ctx->privateKeyPKey = res;
+#endif
+        }
     }
 
     return res;

wolfcrypt/src/wc_port.c

@@ -1357,6 +1357,13 @@ int wolfSSL_Atomic_Uint_CompareExchange(
         c, expected_i, new_i, 0 /* weak */, __ATOMIC_SEQ_CST, __ATOMIC_ACQUIRE);
 }
 
+int wolfSSL_Atomic_Ptr_CompareExchange(
+    void **c, void **expected_ptr, void *new_ptr)
+{
+    return __atomic_compare_exchange_n(
+        c, expected_ptr, new_ptr, 0 /* weak */, __ATOMIC_SEQ_CST, __ATOMIC_ACQUIRE);
+}
+
 #else
 
 /* Default C Implementation */
@@ -1444,6 +1451,17 @@ int wolfSSL_Atomic_Uint_CompareExchange(
         c, expected_i, new_i, memory_order_seq_cst, memory_order_acquire);
 }
 
+int wolfSSL_Atomic_Ptr_CompareExchange(
+    void **c, void **expected_ptr, void *new_ptr)
+{
+    /* use gcc-built-in __atomic_compare_exchange_n(), not
+     * atomic_compare_exchange_strong_explicit(), to sidestep _Atomic type
+     * requirements.
+     */
+    return __atomic_compare_exchange_n(
+        c, expected_ptr, new_ptr, 0 /* weak */, __ATOMIC_SEQ_CST, __ATOMIC_ACQUIRE);
+}
+
 #endif /* __cplusplus */
 
 #elif defined(_MSC_VER)
@@ -1538,6 +1556,32 @@ int wolfSSL_Atomic_Uint_CompareExchange(
     }
 }
 
+int wolfSSL_Atomic_Uint_CompareExchange(
+    void ** c, void **expected_ptr, void *new_ptr)
+{
+#ifdef _WIN64
+    LONG64 actual_ptr = InterlockedCompareExchange64
+    ((LONG64 *)c, (LONG64)new_i, (LONG64)*expected_i);
+    if (actual_ptr == (LONG64)*expected_i) {
+        return 1;
+    }
+    else {
+        *expected_i = (void *)actual_ptr;
+        return 0;
+    }
+#else /* !_WIN64 */
+    LONG actual_ptr = InterlockedCompareExchange
+    ((LONG *)c, (LONG)new_i, (LONG)*expected_i);
+    if (actual_ptr == (LONG)*expected_i) {
+        return 1;
+    }
+    else {
+        *expected_i = (void *)actual_ptr;
+        return 0;
+    }
+#endif /* !_WIN64 */
+}
+
 #endif
 
 #endif /* WOLFSSL_ATOMIC_OPS */

wolfssl/wolfcrypt/wc_port.h

@@ -586,6 +586,8 @@
         wolfSSL_Atomic_Uint* c, unsigned int i);
     WOLFSSL_API int wolfSSL_Atomic_Uint_CompareExchange(
         wolfSSL_Atomic_Uint* c, unsigned int *expected_i, unsigned int new_i);
+    WOLFSSL_API int wolfSSL_Atomic_Ptr_CompareExchange(
+        void** c, void **expected_ptr, void *new_ptr);
 #else
     /* Code using these fallback implementations in non-SINGLE_THREADED builds
      * needs to arrange its own explicit fallback to int for wolfSSL_Atomic_Int
@@ -623,6 +625,18 @@
             return 0;
         }
     }
+    static WC_INLINE int wolfSSL_Atomic_Ptr_CompareExchange(
+        void **c, void *expected_ptr, void *new_ptr)
+    {
+        if (*(char **)c == *(char **)expected_ptr) {
+            *(char **)c = (char *)new_ptr;
+            return 1;
+        }
+        else {
+            *(char **)expected_ptr = *(char **)c;
+            return 0;
+        }
+    }
     static WC_INLINE unsigned int wolfSSL_Atomic_Uint_FetchAdd(
         unsigned int *c, unsigned int i)
     {