From: Eric Biggers <ebiggers@kernel.org>
Date: Mon, 20 Apr 2026 06:33:45 +0000 (-0700)
Subject: crypto: drbg - Fix returning success on failure in CTR_DRBG
X-Git-Tag: v7.2-rc1~163^2~184
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=39a31ad9e2a5ed7e9c9c6f711dca96c8c8f5f26b;p=thirdparty%2Fkernel%2Flinux.git

crypto: drbg - Fix returning success on failure in CTR_DRBG

drbg_ctr_generate() sometimes returns success when it fails, leaving the
output buffer uninitialized.  Fix it.

Fixes: cde001e4c3c3 ("crypto: rng - RNGs must return 0 in success case")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---

diff --git a/crypto/drbg.c b/crypto/drbg.c
index 9204e6edb4268..e4eb78ed222b9 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -377,7 +377,7 @@ static int drbg_ctr_generate(struct drbg_state *drbg,
 	if (addtl && !list_empty(addtl)) {
 		ret = drbg_ctr_update(drbg, addtl, 2);
 		if (ret)
-			return 0;
+			return ret;
 	}
 
 	/* 10.2.1.5.2 step 4.1 */