projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2f11f2e) | patch
rand_lib.c: fix null pointer dereferences after RAND_get_rand_method() failure
authorDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Wed, 20 Nov 2019 23:09:11 +0000 (00:09 +0100)
committerDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Sun, 15 Dec 2019 14:25:18 +0000 (15:25 +0100)
commitf9fdb9d2f5a0358a3fd34b060fe23cb0eceb2e2c
tree86a9c6a1df3d2ef373002286a728a51a89569930tree | snapshot
parent2f11f2e810c7f48a001986f3eb47b3b9166e2836commit | diff
rand_lib.c: fix null pointer dereferences after RAND_get_rand_method() failure

RAND_get_rand_method() can return a NULL method pointer in the case of a
malloc failure, so don't dereference it without a check.

Reported-by: Zu-Ming Jiang (detected by FIFUZZ)
Fixes #10480

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10490)
crypto/err/openssl.txt diff | blob | history
crypto/rand/rand_err.c diff | blob | history
crypto/rand/rand_lib.c diff | blob | history
include/openssl/randerr.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.