BZ#15380: Fix initstate error return

	[BZ #15380]
	* stdlib/random.c (__initstate): Return NULL if
	__initstate fails.

diff --git a/ChangeLog b/ChangeLog
index bf4500a31f07384198b7f5ce98e16ac9d17b3fbe..ad58947f4651140dc73d9a795e0a885f46343c02 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 2013-04-29  Andreas Jaeger  <aj@suse.de>
 
+       [BZ #15380]
+       * stdlib/random.c (__initstate): Return NULL if
+       __initstate fails.
+
        [BZ# 15086]
        * resolv/res_debug.c (p_option): Handle RES_NOALIASES,
        RES_KEEPTSIG, RES_BLAST, RES_NOIP6DOTINT, RES_SNGLKUP,

diff --git a/NEWS b/NEWS
index 0a8e622df596503c723a41050ba4b1f8b8c9bea1..e0d3d746ef83c1f122897579386fcf8fd0cf95c0 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -15,7 +15,7 @@ Version 2.18
   15006, 15007, 15020, 15023, 15036, 15054, 15055, 15062, 15078, 15086,
   15160, 15214, 15221, 15232, 15234, 15283, 15285, 15287, 15304, 15305,
   15307, 15309, 15327, 15330, 15335, 15336, 15337, 15342, 15346, 15361,
-  15366, 15394, 15405, 15406, 15409.
+  15366, 15380, 15394, 15405, 15406, 15409.
 
 * CVE-2013-0242 Buffer overrun in regexp matcher has been fixed (Bugzilla
   #15078).

diff --git a/stdlib/random.c b/stdlib/random.c
index 3ed610dd9c0866b99d4fbcf9f018dfc4986be73d..967dec3539b38519e87cb247fd6c0d5bdb5724c6 100644 (file)
--- a/stdlib/random.c
+++ b/stdlib/random.c
@@ -234,16 +234,17 @@ __initstate (seed, arg_state, n)
      size_t n;
 {
   int32_t *ostate;
+  int ret;
 
   __libc_lock_lock (lock);
 
   ostate = &unsafe_state.state[-1];
 
-  __initstate_r (seed, arg_state, n, &unsafe_state);
+  ret = __initstate_r (seed, arg_state, n, &unsafe_state);
 
   __libc_lock_unlock (lock);
 
-  return (char *) ostate;
+  return ret == -1 ? NULL : (char *) ostate;
 }
 
 weak_alias (__initstate, initstate)