Security-59754.80.3.tar.gz

[apple/security.git] / OSX / sec / Security / SecKey.m

diff --git a/OSX/sec/Security/SecKey.m b/OSX/sec/Security/SecKey.m
index 6fa9f866d39129efcc36d8e164808eb4ea60e570..35c0afab9e4d911b58fea442804c02667590a2f1 100644 (file)
--- a/OSX/sec/Security/SecKey.m
+++ b/OSX/sec/Security/SecKey.m
@@ -170,11 +170,21 @@ static CFMutableDictionaryRef auxilliaryCDSAKeyMap;
 static struct os_unfair_lock_s auxilliaryCDSAKeyMapLock = OS_UNFAIR_LOCK_INIT;
 
 static void SecKeyDestroyAuxilliaryCDSAKeyForKey(CFTypeRef cf) {
+    CFTypeRef keyToDestroy = NULL;
     os_unfair_lock_lock(&auxilliaryCDSAKeyMapLock);
     if (auxilliaryCDSAKeyMap != NULL) {
-        CFDictionaryRemoveValue(auxilliaryCDSAKeyMap, cf);
+        keyToDestroy = CFDictionaryGetValue(auxilliaryCDSAKeyMap, cf);
+        if (keyToDestroy != NULL) {
+            CFRetain(keyToDestroy);
+            CFDictionaryRemoveValue(auxilliaryCDSAKeyMap, cf);
+        }
     }
     os_unfair_lock_unlock(&auxilliaryCDSAKeyMapLock);
+
+    // Actual aux key destruction is performed outside unfair lock to avoid recursive lock.
+    if (keyToDestroy != NULL) {
+        CFRelease(keyToDestroy);
+    }
 }
 
 void SecKeySetAuxilliaryCDSAKeyForKey(SecKeyRef cf, SecKeyRef auxKey) {
@@ -1189,7 +1199,7 @@ OSStatus SecKeyCopyPersistentRef(SecKeyRef key, CFDataRef* persistentRef)
     if (!persistentRef) {
         secerror("SecKeyCopyPersistentRef: Need a persistentRef pointer for this to work");
         return errSecParam;
-    }
+    }    
 
     CFDictionaryRef query = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
                                                          kSecReturnPersistentRef,   kCFBooleanTrue,