Fix some RAND bugs

RT2630 -- segfault for int overlow RT2877 -- check return values in apps/rand Update CHANGES file for previous "windows rand" changes. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Rich Salz <rsalz@openssl.org> 2016-05-29 14:11:44 -0400
committer: Rich Salz <rsalz@openssl.org> 2016-06-01 10:45:18 -0400
commit: 0f91e1dff4ab2e7c25bbae5a48dfabbd1a4eae3c (patch)
tree: 96afa283b997bd9ded6976cb2e9b1f7bd351e8ce
parent: f83b85fb0f46f7a3e92651f1e5eb7b1081fb8650 (diff)
3 files changed, 18 insertions, 9 deletions
diff --git a/CHANGES b/CHANGES
index 541efc390c..c64d677582 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,11 @@
 
  Changes between 1.0.2h and 1.1.0  [xx XXX 2016]
 
+  *) Windows RAND implementation was simplified to only get entropy by
+     calling CryptGenRandom(). Various other RAND-related tickets
+     were also closed.
+     [Joseph Wylie Yandle, Rich Salz]
+
   *) The stack and lhash API's were renamed to start with OPENSSL_SK_
      and OPENSSL_LH_, respectively.  The old names are available
      with API compatibility.  They new names are now completely documented.
diff --git a/apps/rand.c b/apps/rand.c
index 89a23a293a..d60f1ecf86 100644
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -105,22 +105,26 @@ int rand_main(int argc, char **argv)
         r = RAND_bytes(buf, chunk);
         if (r <= 0)
             goto end;
-        if (format != FORMAT_TEXT) /* hex */
-            BIO_write(out, buf, chunk);
-        else {
+        if (format != FORMAT_TEXT) {
+            if (BIO_write(out, buf, chunk) != chunk)
+                goto end;
+        } else {
             for (i = 0; i < chunk; i++)
-                BIO_printf(out, "%02x", buf[i]);
+                if (BIO_printf(out, "%02x", buf[i]) != 2)
+                    goto end;
         }
         num -= chunk;
     }
     if (format == FORMAT_TEXT)
         BIO_puts(out, "\n");
-    (void)BIO_flush(out);
+    if (BIO_flush(out) <= 0 || !app_RAND_write_file(NULL))
+        goto end;
 
-    app_RAND_write_file(NULL);
     ret = 0;
 
  end:
+    if (ret != 0)
+        ERR_print_errors(bio_err);
     BIO_free_all(out);
     return (ret);
 }
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 4b874e3bed..137851f596 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -38,7 +38,7 @@
 /* #define PREDICT      1 */
 
 #define STATE_SIZE      1023
-static int state_num = 0, state_index = 0;
+static size_t state_num = 0, state_index = 0;
 static unsigned char state[STATE_SIZE + MD_DIGEST_LENGTH];
 static unsigned char md[MD_DIGEST_LENGTH];
 static long md_count[2] = { 0, 0 };
@@ -268,8 +268,8 @@ static int rand_seed(const void *buf, int num)
 static int rand_bytes(unsigned char *buf, int num, int pseudo)
 {
     static volatile int stirred_pool = 0;
-    int i, j, k, st_num, st_idx;
-    int num_ceil;
+    int i, j, k;
+    size_t num_ceil, st_idx, st_num;
     int ok;
     long md_c[2];
     unsigned char local_md[MD_DIGEST_LENGTH];
author	Rich Salz <rsalz@openssl.org>	2016-05-29 14:11:44 -0400
committer	Rich Salz <rsalz@openssl.org>	2016-06-01 10:45:18 -0400
commit	0f91e1dff4ab2e7c25bbae5a48dfabbd1a4eae3c (patch)
tree	96afa283b997bd9ded6976cb2e9b1f7bd351e8ce
parent	f83b85fb0f46f7a3e92651f1e5eb7b1081fb8650 (diff)