rand: add unit test exhibiting memory overrun
authorPauli <ppzgs1@gmail.com>
Wed, 4 Jun 2025 23:50:20 +0000 (09:50 +1000)
committerTomas Mraz <tomas@openssl.org>
Mon, 9 Jun 2025 08:24:08 +0000 (10:24 +0200)
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27766)

test/rand_test.c

index 28845db44b92739b53d27d823b52a35a69879ca7..15a91e5b3e6b1f5a2caafa0b6b194766cd70047f 100644 (file)
@@ -25,6 +25,7 @@ static int test_rand(void)
     OSSL_PARAM params[2], *p = params;
     unsigned char entropy1[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 };
     unsigned char entropy2[] = { 0xff, 0xfe, 0xfd };
+    unsigned char nonce[] = { 0x00, 0x01, 0x02, 0x03, 0x04 };
     unsigned char outbuf[3];
 
     *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
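Review bot: The new `nonce` array is five bytes while `outbuf` on the next line is three, and nothing in the declaration says the mismatch is intentional. Going by the commit title, the regression test depends on the configured nonce being longer than the requested output, so a later tidy-up that equalises the sizes would silently disarm it. A comment on the declaration would pin that down, for example `/* deliberately longer than outbuf: the nonce request must be truncated to the caller's length */`. test_rand's body starts and ends outside the hunk.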
@@ -48,6 +49,13 @@ static int test_rand(void)
             || !TEST_mem_eq(outbuf, sizeof(outbuf), entropy2, sizeof(outbuf)))
         return 0;
 
+    *params = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE,
+                                                nonce, sizeof(nonce));
+    if (!TEST_true(EVP_RAND_CTX_set_params(privctx, params))
+            || !TEST_true(EVP_RAND_nonce(privctx, outbuf, sizeof(outbuf)))
+            || !TEST_mem_eq(outbuf, sizeof(outbuf), nonce, sizeof(outbuf)))
+        return 0;
+
     if (fips_provider_version_lt(NULL, 3, 4, 0)) {
         /* Skip the rest and pass the test */
         return 1;
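Review bot: Nothing in the added block fails if `EVP_RAND_nonce` writes past `sizeof(outbuf)`. The closing `TEST_mem_eq(outbuf, sizeof(outbuf), nonce, sizeof(outbuf))` compares only the first three bytes, so the overrun named in the commit title would presumably surface only in a sanitizer or otherwise memory-checked build. To make the regression test self-checking, request the nonce into a larger scratch buffer pre-filled with a guard byte, still passing the short length, and then assert that the bytes after that length are unchanged. Separately, `*params = ...` replaces only the first element and relies on `params[1]` still holding the end marker written earlier in test_rand, outside this hunk. A short comment such as `/* params[1] is still the terminator set above */` would make that dependency visible.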