projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Check RAND_bytes() return value or use RAND_pseudo_bytes().
[openssl.git] / crypto / pem / pem_lib.c
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 449a1fe9849c9aaa2381f1880de784ad938b9c61..49aeb62bde52b17f805b24c29edadcd0726443e9 100644 (file)
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -379,7 +379,8 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
                        kstr=(unsigned char *)buf;
                        }
                RAND_add(data,i,0);/* put in the RSA key. */
-               RAND_bytes(iv,8);       /* Generate a salt */
+               if (RAND_bytes(iv,8) <= 0)      /* Generate a salt */
+                       goto err;
                /* The 'iv' is used as the iv and as a salt.  It is
                 * NOT taken from the BytesToKey function */
                EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
Unnamed repository; edit this file 'description' to name the repository.