From: Pauli <ppzgs1@gmail.com>
Date: Wed, 4 Jun 2025 23:50:20 +0000 (+1000)
Subject: rand: add unit test exhibiting memory overrun
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6d490a92fe49ea6e41cb7874086dbad5462078c6;p=thirdparty%2Fopenssl.git

rand: add unit test exhibiting memory overrun

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27766)
---

diff --git a/test/rand_test.c b/test/rand_test.c
index 28845db44b9..15a91e5b3e6 100644
--- a/test/rand_test.c
+++ b/test/rand_test.c
@@ -25,6 +25,7 @@ static int test_rand(void)
     OSSL_PARAM params[2], *p = params;
     unsigned char entropy1[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 };
     unsigned char entropy2[] = { 0xff, 0xfe, 0xfd };
+    unsigned char nonce[] = { 0x00, 0x01, 0x02, 0x03, 0x04 };
     unsigned char outbuf[3];
 
     *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
@@ -48,6 +49,13 @@ static int test_rand(void)
             || !TEST_mem_eq(outbuf, sizeof(outbuf), entropy2, sizeof(outbuf)))
         return 0;
 
+    *params = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE,
+                                                nonce, sizeof(nonce));
+    if (!TEST_true(EVP_RAND_CTX_set_params(privctx, params))
+            || !TEST_true(EVP_RAND_nonce(privctx, outbuf, sizeof(outbuf)))
+            || !TEST_mem_eq(outbuf, sizeof(outbuf), nonce, sizeof(outbuf)))
+        return 0;
+
     if (fips_provider_version_lt(NULL, 3, 4, 0)) {
         /* Skip the rest and pass the test */
         return 1;