Fix Coverity 1503322, 1503324, 1503328 memory accesses These are all false positives result from Coverity not understanding our up_ref and free pairing. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/18014)

commit: a381897470f5c6ac2f4e71f48d33d71cde7873dd [log] [tgz]
author: Pauli <pauli@openssl.org> Fri Apr 01 12:27:15 2022 +1100
committer: Pauli <pauli@openssl.org> Fri May 06 18:21:28 2022 +1000
tree: 7fb3a98e57c0b8df06aa573c74442f4933f34b26
parent: 71b7f34978c7332562300487af497559b67f600a [diff]
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index 8eb13ad..4d5f8ad 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c

@@ -332,7 +332,11 @@
 
     /* No more legacy from here down to legacy: */
 
+    /* A Coverity false positive with up_ref/down_ref and free */
+    /* coverity[use_after_free] */
     ctx->op.kex.exchange = exchange;
+    /* A Coverity false positive with up_ref/down_ref and free */
+    /* coverity[deref_arg] */
     ctx->op.kex.algctx = exchange->newctx(ossl_provider_ctx(exchange->prov));
     if (ctx->op.kex.algctx == NULL) {
         /* The provider key can stay in the cache */
@@ -420,6 +424,8 @@
                                     EVP_KEYMGMT_get0_name(ctx->keymgmt),
                                     ctx->propquery);
     if (tmp_keymgmt != NULL)
+        /* A Coverity issue with up_ref/down_ref and free */
+        /* coverity[pass_freed_arg] */
         provkey = evp_pkey_export_to_provider(peer, ctx->libctx,
                                               &tmp_keymgmt, ctx->propquery);
     EVP_KEYMGMT_free(tmp_keymgmt_tofree);
commit	a381897470f5c6ac2f4e71f48d33d71cde7873dd	[log] [tgz]
author	Pauli <pauli@openssl.org>	Fri Apr 01 12:27:15 2022 +1100
committer	Pauli <pauli@openssl.org>	Fri May 06 18:21:28 2022 +1000
tree	7fb3a98e57c0b8df06aa573c74442f4933f34b26
parent	71b7f34978c7332562300487af497559b67f600a [diff]