From: Pauli <pauli@openssl.org>
Date: Mon, 20 Sep 2021 23:19:35 +0000 (+1000)
Subject: rand: don't free an mis-set pointer on error
X-Git-Tag: openssl-3.2.0-alpha1~3547
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=caf569a5b3271c2860732ee44509f3825a179fd5;p=thirdparty%2Fopenssl.git

rand: don't free an mis-set pointer on error

This is adding robustness to the code.  The fix to not mis-set the pointer
is in #16636.

Fixes #16631

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16640)
---

diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c
index 81343fbd525..8b899b99b17 100644
--- a/providers/implementations/rands/drbg.c
+++ b/providers/implementations/rands/drbg.c
@@ -459,9 +459,11 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength,
 
     if (!drbg->instantiate(drbg, entropy, entropylen, nonce, noncelen,
                            pers, perslen)) {
+        cleanup_entropy(drbg, entropy, entropylen);
         ERR_raise(ERR_LIB_PROV, PROV_R_ERROR_INSTANTIATING_DRBG);
         goto end;
     }
+    cleanup_entropy(drbg, entropy, entropylen);
 
     drbg->state = EVP_RAND_STATE_READY;
     drbg->generate_counter = 1;
@@ -469,8 +471,6 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength,
     tsan_store(&drbg->reseed_counter, drbg->reseed_next_counter);
 
  end:
-    if (entropy != NULL)
-        cleanup_entropy(drbg, entropy, entropylen);
     if (nonce != NULL)
         ossl_prov_cleanup_nonce(drbg->provctx, nonce, noncelen);
     if (drbg->state == EVP_RAND_STATE_READY)