From b8621bdde70690361a36dca52688a3d946c3fe0f Mon Sep 17 00:00:00 2001 From: Pauli Date: Fri, 19 Apr 2019 16:23:23 +1000 Subject: [PATCH] Fix bug in entropy gathering. This only impacts FIPS mode or someone who has enabled the FIPS 140.2 4.9.2 Conditional Tests. i.e. nobody currently. Fix a significant issue in the entropy gathering for the continuous RNG testing. The impact is using an uninitialised buffer instead of the gathered entropy. Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8789) --- crypto/rand/rand_crng_test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/rand/rand_crng_test.c b/crypto/rand/rand_crng_test.c index 74a64ee531..87f4ee1f48 100644 --- a/crypto/rand/rand_crng_test.c +++ b/crypto/rand/rand_crng_test.c @@ -30,7 +30,7 @@ int rand_crngt_get_entropy_cb(unsigned char *buf) while ((n = rand_pool_acquire_entropy(crngt_pool)) != 0) if (n >= CRNGT_BUFSIZ) { p = rand_pool_detach(crngt_pool); - memcpy(crngt_prev, p, CRNGT_BUFSIZ); + memcpy(buf, p, CRNGT_BUFSIZ); rand_pool_reattach(crngt_pool, p); return 1; } -- 2.34.1