From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 5 Nov 2024 10:52:38 +0000 (+0100)
Subject: mbedtls: remove failf() use from mbedtls_random
X-Git-Tag: curl-8_11_0~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e1ed6b8e290153febd290764f7084ec635a06c0f;p=thirdparty%2Fcurl.git

mbedtls: remove failf() use from mbedtls_random

Since data can be NULL in here, calling failf() can be bad. This should
also be a terribly rare error so the lack of error message for this
should be manageable.

Reported-by: wxiaoguang on github
Fixes #15485
Closes #15486
---

diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index e24def89b6..7a34e9c183 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -1387,35 +1387,24 @@ static size_t mbedtls_version(char *buffer, size_t size)
 #endif
 }
 
+/* 'data' might be NULL */
 static CURLcode mbedtls_random(struct Curl_easy *data,
                                unsigned char *entropy, size_t length)
 {
 #if defined(MBEDTLS_CTR_DRBG_C)
-  int ret = -1;
-  char errorbuf[128];
+  int ret;
   mbedtls_entropy_context ctr_entropy;
   mbedtls_ctr_drbg_context ctr_drbg;
   mbedtls_entropy_init(&ctr_entropy);
   mbedtls_ctr_drbg_init(&ctr_drbg);
+  (void)data;
 
   ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
                               &ctr_entropy, NULL, 0);
 
-  if(ret) {
-    mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-    failf(data, "mbedtls_ctr_drbg_seed returned (-0x%04X) %s",
-          -ret, errorbuf);
-  }
-  else {
+  if(!ret)
     ret = mbedtls_ctr_drbg_random(&ctr_drbg, entropy, length);
 
-    if(ret) {
-      mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-      failf(data, "mbedtls_ctr_drbg_random returned (-0x%04X) %s",
-            -ret, errorbuf);
-    }
-  }
-
   mbedtls_ctr_drbg_free(&ctr_drbg);
   mbedtls_entropy_free(&ctr_entropy);