projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Precautions against using the PRNG uninitialized: RAND_bytes() now
[openssl.git]
/
crypto
/
rsa
/
rsa_ssl.c
diff --git
a/crypto/rsa/rsa_ssl.c
b/crypto/rsa/rsa_ssl.c
index 1050844f8d2bb4a4188435ed8bb44853b6b43395..83dfc80c1d77cb309316830c6a305ff046904b9f 100644
(file)
--- a/
crypto/rsa/rsa_ssl.c
+++ b/
crypto/rsa/rsa_ssl.c
@@
-82,12
+82,14
@@
int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
/* pad out with non-zero random data */
j=tlen-3-8-flen;
- RAND_bytes(p,j);
+ if (RAND_bytes(p,j) <= 0)
+ return(0);
for (i=0; i<j; i++)
{
if (*p == '\0')
do {
- RAND_bytes(p,1);
+ if (RAND_bytes(p,1) <= 0)
+ return(0);
} while (*p == '\0');
p++;
}