From: 捷成吴 <jasonwood2031@gmail.com>
Date: Sun, 24 Jun 2018 07:28:33 +0000 (+0800)
Subject: apps/speed.c: add missing checks for RAND_bytes()
X-Git-Tag: OpenSSL_1_1_1-pre9~239
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3445872e22735ff864d6b363d2d2b8acde740912;p=thirdparty%2Fopenssl.git

apps/speed.c: add missing checks for RAND_bytes()

Function RAND_bytes() may return 0 or -1 on error, simply
goto end label when it fails.

Fixes #6567

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6582)
---

diff --git a/apps/speed.c b/apps/speed.c
index 768e3a1ad3f..181873cca37 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -2557,7 +2557,8 @@ int speed_main(int argc, char **argv)
     }
 
     for (i = 0; i < loopargs_len; i++)
-        RAND_bytes(loopargs[i].buf, 36);
+        if (RAND_bytes(loopargs[i].buf, 36) <= 0)
+            goto end;
 
 #ifndef OPENSSL_NO_RSA
     for (testnum = 0; testnum < RSA_NUM; testnum++) {
@@ -2653,7 +2654,8 @@ int speed_main(int argc, char **argv)
 #endif                          /* OPENSSL_NO_RSA */
 
     for (i = 0; i < loopargs_len; i++)
-        RAND_bytes(loopargs[i].buf, 36);
+        if (RAND_bytes(loopargs[i].buf, 36) <= 0)
+            goto end;
 
 #ifndef OPENSSL_NO_DSA
     for (testnum = 0; testnum < DSA_NUM; testnum++) {