kstr=(unsigned char *)buf;
}
RAND_add(data,i,0);/* put in the RSA key. */
- RAND_bytes(iv,8); /* Generate a salt */
+ if (RAND_bytes(iv,8) <= 0) /* Generate a salt */
+ goto err;
/* The 'iv' is used as the iv and as a salt. It is
* NOT taken from the BytesToKey function */
EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);