Fix a possible crash in rand_drbg_get_entropy
authorBernd Edlinger <bernd.edlinger@hotmail.de>
Tue, 23 Oct 2018 14:30:20 +0000 (16:30 +0200)
committerBernd Edlinger <bernd.edlinger@hotmail.de>
Fri, 26 Oct 2018 13:26:21 +0000 (15:26 +0200)
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7474)

(cherry picked from commit 21311777ad8b8c2f2fb8eb7a4f9618ceae1e043d)

crypto/rand/rand_lib.c

index e6fcbce..29d93a8 100644 (file)
@@ -151,6 +151,8 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
         pool->entropy_requested = entropy;
     } else {
         pool = rand_pool_new(entropy, min_len, max_len);
+        if (pool == NULL)
+            return 0;
     }
 
     if (drbg->parent) {