Fix data race in RAND_DRBG_generate
[openssl.git] / crypto / rand / rand_lib.c
index f40c513..440c19c 100644 (file)
@@ -151,6 +151,8 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
         pool->entropy_requested = entropy;
     } else {
         pool = rand_pool_new(entropy, min_len, max_len);
+        if (pool == NULL)
+            return 0;
     }
 
     if (drbg->parent) {
@@ -172,6 +174,8 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
                                    prediction_resistance,
                                    NULL, 0) != 0)
                 bytes = bytes_needed;
+            drbg->reseed_next_counter
+                = tsan_load(&drbg->parent->reseed_prop_counter);
             rand_drbg_unlock(drbg->parent);
 
             rand_pool_add_end(pool, bytes, 8 * bytes);
@@ -200,6 +204,10 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
     }
 
  err:
+    /* we need to reset drbg->pool in the error case */
+    if (ret == 0 && drbg->pool != NULL)
+        drbg->pool = NULL;
+
     rand_pool_free(pool);
     return ret;
 }