projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f1b8b00)
Fix use-after-free
authorRich Salz <rsalz@openssl.org>
Mon, 17 Jul 2017 06:52:26 +0000 (02:52 -0400)
committerRich Salz <rsalz@openssl.org>
Mon, 17 Jul 2017 11:46:49 +0000 (07:46 -0400)
Also fix a RANDerr call.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3947)

apps/app_rand.c patch | blob | history
crypto/rand/randfile.c patch | blob | history

diff --git a/apps/app_rand.c b/apps/app_rand.c
index 3a05352f9f2673917900ba3c6beb59ca38cbf0ce..28caad41a7d8f124a29a25d2876537b72aed4e92 100644 (file)
--- a/apps/app_rand.c
+++ b/apps/app_rand.c
@@ -13,7 +13,7 @@
 #include <openssl/rand.h>
 #include <openssl/conf.h>
 
-static const char *save_rand_file;
+static char *save_rand_file;
 
 void app_RAND_load_conf(CONF *c, const char *section)
 {
@@ -29,7 +29,7 @@ void app_RAND_load_conf(CONF *c, const char *section)
         return;
     }
     if (save_rand_file == NULL)
-        save_rand_file = randfile;
+        save_rand_file = OPENSSL_strdup(randfile);
 }
 
 static int loadfiles(char *name)
@@ -66,6 +66,8 @@ void app_RAND_write(void)
         BIO_printf(bio_err, "Cannot write random bytes:\n");
         ERR_print_errors(bio_err);
     }
+    OPENSSL_free(save_rand_file);
+    save_rand_file =  NULL;
 }
 
 
@@ -84,7 +86,8 @@ int opt_rand(int opt)
         return loadfiles(opt_arg());
         break;
     case OPT_R_WRITERAND:
-        save_rand_file = opt_arg();
+        OPENSSL_free(save_rand_file);
+        save_rand_file = OPENSSL_strdup(opt_arg());
         break;
     }
     return 1;
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 904653f3bbacbc24a06204668dd242fb3b814d1b..f5026429977bb5ef25a573d01b842eff13444385 100644 (file)
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -176,7 +176,7 @@ int RAND_write_file(const char *file)
     if (out == NULL)
         out = openssl_fopen(file, "wb");
     if (out == NULL) {
-        RANDerr(RAND_F_RAND_LOAD_FILE, RAND_R_CANNOT_OPEN_FILE);
+        RANDerr(RAND_F_RAND_WRITE_FILE, RAND_R_CANNOT_OPEN_FILE);
         ERR_add_error_data(2, "Filename=", file);
         return -1;
     }
Unnamed repository; edit this file 'description' to name the repository.