]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 962c7e0)
Added check for the return value of the RAND_bytes() function
authorKlavishnik <evg.shtanov@gmail.com>
Thu, 10 Aug 2023 10:56:24 +0000 (13:56 +0300)
committerTomas Mraz <tomas@openssl.org>
Tue, 10 Oct 2023 15:18:36 +0000 (17:18 +0200)
Call app_bail_out if RAND_bytes() fails.

Also changed the output parameter of RAND_bytes() to inp as
writing to encrypted output buffer does not make sense.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21706)

(cherry picked from commit 8d120aef951d7bb7deac0b8b559f8003f5ea6384)

apps/speed.c patch | blob | blame | history

diff --git a/apps/speed.c b/apps/speed.c
index 0c27023eb8ec2cad20c52360663c2ac76c7daeee..90c210db3212270bc87f75dfa858d161852cb3dd 100644 (file)
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -3747,7 +3747,8 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
             } else {
                 int pad;
 
-                RAND_bytes(out, 16);
+                if (RAND_bytes(inp, 16) <= 0)
+                    app_bail_out("error setting random bytes\n");
                 len += 16;
                 aad[11] = (unsigned char)(len >> 8);
                 aad[12] = (unsigned char)(len);
Mirror of https://github.com/openssl/openssl.git