PR: 2786
author Dr. Stephen Henson <steve@openssl.org>
Wed, 22 Aug 2012 22:43:23 +0000 (22:43 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Wed, 22 Aug 2012 22:43:23 +0000 (22:43 +0000)
Reported by: Tomas Mraz <tmraz@redhat.com>

Treat a NULL value passed to drbg_free_entropy callback as non-op. This
can happen if the call to fips_get_entropy fails.

crypto/rand/rand_lib.c

index 8c28550a7606b125dee5fec5d2236e578ccf89d0..e8957dbb306cc6dbc7d673f7fa0bcfa787559d1a 100644 (file)
@@ -210,8 +210,11 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout,
 
 static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen)
        {
-       OPENSSL_cleanse(out, olen);
-       OPENSSL_free(out);
+       if (out)
+               {
+               OPENSSL_cleanse(out, olen);
+               OPENSSL_free(out);
+               }
        }
 
 /* Set "additional input" when generating random data. This uses the
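
Review bot: The new `if (out)` check in drbg_free_entropy has no comment saying when `out` can be NULL, so a later cleanup could take it for redundant and remove it. The commit message gives the reason (the call to fips_get_entropy failed); a one-line comment above the check stating that would keep it in place. The check also only covers a pointer that is exactly NULL: it is worth confirming that drbg_get_entropy sets `*pout` to NULL on every failure path, because a stale or uninitialised pointer would still reach OPENSSL_cleanse and OPENSSL_free. `olen` is not examined, which is fine as long as nothing depends on it when `out` is NULL.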