From ce1b7acaee2fd7c715688a9c27dc0117954e0c78 Mon Sep 17 00:00:00 2001 From: Pauli Date: Thu, 5 Jun 2025 09:50:20 +1000 Subject: [PATCH] rand: add unit test exhibiting memory overrun MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Reviewed-by: Tom Cosgrove Reviewed-by: Saša Nedvědický Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/27766) (cherry picked from commit 6d490a92fe49ea6e41cb7874086dbad5462078c6) --- test/rand_test.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/test/rand_test.c b/test/rand_test.c index bf720c01361..cb84dfc105c 100644 --- a/test/rand_test.c +++ b/test/rand_test.c @@ -20,6 +20,7 @@ static int test_rand(void) OSSL_PARAM params[2], *p = params; unsigned char entropy1[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 }; unsigned char entropy2[] = { 0xff, 0xfe, 0xfd }; + unsigned char nonce[] = { 0x00, 0x01, 0x02, 0x03, 0x04 }; unsigned char outbuf[3]; *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY, @@ -42,6 +43,13 @@ static int test_rand(void) || !TEST_int_gt(RAND_priv_bytes(outbuf, sizeof(outbuf)), 0) || !TEST_mem_eq(outbuf, sizeof(outbuf), entropy2, sizeof(outbuf))) return 0; + + *params = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE, + nonce, sizeof(nonce)); + if (!TEST_true(EVP_RAND_CTX_set_params(privctx, params)) + || !TEST_true(EVP_RAND_nonce(privctx, outbuf, sizeof(outbuf))) + || !TEST_mem_eq(outbuf, sizeof(outbuf), nonce, sizeof(outbuf))) + return 0; return 1; } -- 2.47.2