Fix EVP_MD_CTX_copy_ex for OMAC

Openssl copies a state between valid contexts. But, EVP_MD_CTX_copy_ex
just memcpy-s private data (md_data), which points to OMAC_CTX), which
have pointer to CMAC_CTX. Copying pointer makes CMAC context just the
same on the both sides. As a consequence, we can not do normal copy of a
state between CMAC contexts. As a fix, we just clone it if it's equal
between copy sides.

Reported-by: Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org>

diff --git a/gost_omac.c b/gost_omac.c
index c4e81113d348039f687ec6829ff7a7c3e84bfad1..af6eb2a9e9e6e9cf2260754db5c7b147b2c912d8 100644 (file)
--- a/gost_omac.c
+++ b/gost_omac.c
@@ -91,7 +91,7 @@ int omac_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
                }
                if (c_to->cmac_ctx == c_from->cmac_ctx)
                {
-                       return 1;
+                   c_to->cmac_ctx = CMAC_CTX_new();
                }
                return CMAC_CTX_copy(c_to->cmac_ctx, c_from->cmac_ctx);
 }