Check RAND_bytes() return value or use RAND_pseudo_bytes().
[openssl.git] / crypto / rand / randfile.c
index 97c3ece53565bf353ae8407e8fc54e858799bb6e..f95ecb0e00b4cb59c16d2e5277187a4721ba2d93 100644 (file)
@@ -118,7 +118,7 @@ err:
 int RAND_write_file(const char *file)
        {
        unsigned char buf[BUFSIZE];
-       int i,ret=0;
+       int i,ret=0,err=0;
        FILE *out = NULL;
        int n;
 
@@ -156,7 +156,8 @@ int RAND_write_file(const char *file)
                {
                i=(n > BUFSIZE)?BUFSIZE:n;
                n-=BUFSIZE;
-               RAND_bytes(buf,i);
+               if (RAND_bytes(buf,i) <= 0)
+                       err=1;
                i=fwrite(buf,1,i,out);
                if (i <= 0)
                        {
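Review bot: The `fwrite(buf,1,i,out)` that follows the new check still runs when `RAND_bytes(buf,i)` reports failure, so whatever is in `buf` at that point is written to the seed file anyway. `buf` is declared without an initialiser in the first hunk, so if RAND_bytes can fail without filling the buffer (not visible from here), uninitialised stack bytes would end up on disk. If continuing to write is intended, say so at the check with a comment such as `/* keep writing: output may be unseeded; the caller is told through the -1 return */`. Otherwise clear the chunk before it is written, `if (RAND_bytes(buf,i) <= 0) { err=1; memset(buf,0,i); }`. The loop and the rest of RAND_write_file lie outside this hunk.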
@@ -169,7 +170,7 @@ int RAND_write_file(const char *file)
        fclose(out);
        memset(buf,0,BUFSIZE);
 err:
-       return(ret);
+       return(err ? -1 : ret);
        }
 
 char *RAND_file_name(char *buf, int size)
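Review bot: The changed `return(err ? -1 : ret);` gives RAND_write_file a new result that is not documented anywhere in the visible lines: -1 is now returned after the file has already been written and closed, replacing the value in `ret`. A comment above the function would make that contract explicit, for example `/* Returns -1 if RAND_bytes() failed for any chunk; the file is still written but must not be trusted as seed material. */`. Separately, the flag `err` added in the first hunk shares its name with the `err:` label directly above this return. That is legal C, but it is easy to misread, so a name such as `rand_err` would be clearer.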