From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Mon, 20 Sep 2021 14:35:10 +0000 (+0200)
Subject: Avoid double-free on unsuccessful getting PRNG seeding
X-Git-Tag: openssl-3.2.0-alpha1~3549
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=52dcc011191ad1a40fd52ae92ef009309deaca52;p=thirdparty%2Fopenssl.git

Avoid double-free on unsuccessful getting PRNG seeding

Fixes #16631

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16636)
---

diff --git a/providers/implementations/rands/seed_src.c b/providers/implementations/rands/seed_src.c
index 173c99ce173..7a4b780bb46 100644
--- a/providers/implementations/rands/seed_src.c
+++ b/providers/implementations/rands/seed_src.c
@@ -201,10 +201,11 @@ static size_t seed_get_seed(void *vseed, unsigned char **pout,
         ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
         return 0;
     }
-    *pout = p;
     if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance,
-                          adin, adin_len) != 0)
+                          adin, adin_len) != 0) {
+        *pout = p;
         return bytes_needed;
+    }
     OPENSSL_secure_clear_free(p, bytes_needed);
     return 0;
 }