From: Pauli <paul.dale@oracle.com>
Date: Fri, 19 Apr 2019 06:23:23 +0000 (+1000)
Subject: Fix bug in entropy gathering.
X-Git-Tag: openssl-3.0.0-alpha1~2144
X-Git-Url: https://git.openssl.org/?a=commitdiff_plain;h=b8621bdde70690361a36dca52688a3d946c3fe0f;p=openssl.git

Fix bug in entropy gathering.

This only impacts FIPS mode or someone who has enabled the FIPS 140.2
4.9.2 Conditional Tests.  i.e. nobody currently.

Fix a significant issue in the entropy gathering for the continuous RNG
testing.  The impact is using an uninitialised buffer instead of the gathered
entropy.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/8789)
---

diff --git a/crypto/rand/rand_crng_test.c b/crypto/rand/rand_crng_test.c
index 74a64ee531..87f4ee1f48 100644
--- a/crypto/rand/rand_crng_test.c
+++ b/crypto/rand/rand_crng_test.c
@@ -30,7 +30,7 @@ int rand_crngt_get_entropy_cb(unsigned char *buf)
     while ((n = rand_pool_acquire_entropy(crngt_pool)) != 0)
         if (n >= CRNGT_BUFSIZ) {
             p = rand_pool_detach(crngt_pool);
-            memcpy(crngt_prev, p, CRNGT_BUFSIZ);
+            memcpy(buf, p, CRNGT_BUFSIZ);
             rand_pool_reattach(crngt_pool, p);
             return 1;
         }