From 3edf474b5dc3585e50641f8319e758746da913c6 Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
Date: Mon, 20 Sep 2021 17:13:26 +0200
Subject: [PATCH] Avoid double-free on error seeding the RNG.

Resolves: rhbz#1952844
---
 0030-tmp-Fix-rng-seed-double-free.patch | 18 ++++++++++++++++++
 openssl.spec                            |  8 +++++++-
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 0030-tmp-Fix-rng-seed-double-free.patch

diff --git a/0030-tmp-Fix-rng-seed-double-free.patch b/0030-tmp-Fix-rng-seed-double-free.patch
new file mode 100644
index 0000000..35658eb
--- /dev/null
+++ b/0030-tmp-Fix-rng-seed-double-free.patch
@@ -0,0 +1,18 @@
+diff --git a/providers/implementations/rands/seed_src.c b/providers/implementations/rands/seed_src.c
+index 173c99ce1732..7a4b780bb469 100644
+--- a/providers/implementations/rands/seed_src.c
++++ b/providers/implementations/rands/seed_src.c
+@@ -201,10 +201,11 @@ static size_t seed_get_seed(void *vseed, unsigned char **pout,
+         ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+         return 0;
+     }
+-    *pout = p;
+     if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance,
+-                          adin, adin_len) != 0)
++                          adin, adin_len) != 0) {
++        *pout = p;
+         return bytes_needed;
++    }
+     OPENSSL_secure_clear_free(p, bytes_needed);
+     return 0;
+ }
diff --git a/openssl.spec b/openssl.spec
index c1110d5..0714857 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -15,7 +15,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 3.0.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -54,6 +54,8 @@ Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch
 Patch11: 0011-Remove-EC-curves.patch
 # Instructions to load legacy provider in openssl.cnf
 Patch24: 0024-load-legacy-prov.patch
+# Tmp: Upstream #16636
+Patch30: 0030-tmp-Fix-rng-seed-double-free.patch
 
 License: ASL 2.0
 URL: http://www.openssl.org/
@@ -376,6 +378,10 @@ install -m644 %{SOURCE9} \
 %ldconfig_scriptlets libs
 
 %changelog
+* Mon Sep 20 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-2
+- Avoid double-free on error seeding the RNG.
+- Resolves: rhbz#1952844
+
 * Thu Sep 09 2021 Sahana Prasad <sahana@redhat.com> - 1:3.0.0-1
 - Rebase to upstream version 3.0.0
 - Related: rhbz#1990814