]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6923d26)
Avoid double-free on unsuccessful getting PRNG seeding
authorDmitry Belyavskiy <beldmit@gmail.com>
Mon, 20 Sep 2021 14:35:10 +0000 (16:35 +0200)
committerDmitry Belyavskiy <beldmit@gmail.com>
Tue, 21 Sep 2021 16:37:14 +0000 (18:37 +0200)
Fixes #16631

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16636)

providers/implementations/rands/seed_src.c patch | blob | blame | history

diff --git a/providers/implementations/rands/seed_src.c b/providers/implementations/rands/seed_src.c
index 173c99ce173229aff71cac94632f73cd747278dc..7a4b780bb469777ee2b35ddc05ac673a09804649 100644 (file)
--- a/providers/implementations/rands/seed_src.c
+++ b/providers/implementations/rands/seed_src.c
@@ -201,10 +201,11 @@ static size_t seed_get_seed(void *vseed, unsigned char **pout,
         ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
         return 0;
     }
-    *pout = p;
     if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance,
-                          adin, adin_len) != 0)
+                          adin, adin_len) != 0) {
+        *pout = p;
         return bytes_needed;
+    }
     OPENSSL_secure_clear_free(p, bytes_needed);
     return 0;
 }
Mirror of https://github.com/openssl/openssl.git