From: Matt Caswell <matt@openssl.org>
Date: Thu, 18 Mar 2021 10:22:51 +0000 (+0000)
Subject: Add a missing RUN_ONCE in rand_lib.c
X-Git-Tag: OpenSSL_1_1_1k~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b402f00ee26157ad4e7e6e52f3a736743e3de46f;p=thirdparty%2Fopenssl.git

Add a missing RUN_ONCE in rand_lib.c

Some of the callbacks in rand_lib.c were being invoked without the
RUN_ONCE for that file being called. We add it during rand_pool_new
which should cover all cases.

Fixes #7870
Fixes #11144

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14603)
---

diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index ba3a29e5846..46e83d0741f 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -432,9 +432,13 @@ err:
 RAND_POOL *rand_pool_new(int entropy_requested, int secure,
                          size_t min_len, size_t max_len)
 {
-    RAND_POOL *pool = OPENSSL_zalloc(sizeof(*pool));
+    RAND_POOL *pool;
     size_t min_alloc_size = RAND_POOL_MIN_ALLOCATION(secure);
 
+    if (!RUN_ONCE(&rand_init, do_rand_init))
+        return NULL;
+
+    pool = OPENSSL_zalloc(sizeof(*pool));
     if (pool == NULL) {
         RANDerr(RAND_F_RAND_POOL_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;