diff options
author | Matt Caswell <matt@openssl.org> | 2015-02-26 16:28:59 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-03-25 12:41:28 +0000 |
commit | 8f8e4e4f5253085ab673bb74094c3e492c56af44 (patch) | |
tree | 1fb6e32d1f10e7ca77521df3a25f887bf083f7a8 /crypto/cms | |
parent | a20718fa2c0a45e6acb975cf6c0438c3ebd45b13 (diff) |
Fix RAND_(pseudo_)?_bytes returns
Ensure all calls to RAND_bytes and RAND_pseudo_bytes have their return
value checked correctly
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/cms')
-rw-r--r-- | crypto/cms/cms_pwri.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c index 076b545789..b9c560d438 100644 --- a/crypto/cms/cms_pwri.c +++ b/crypto/cms/cms_pwri.c @@ -297,8 +297,9 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen, out[3] = in[2] ^ 0xFF; memcpy(out + 4, in, inlen); /* Add random padding to end */ - if (olen > inlen + 4) - RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen); + if (olen > inlen + 4 + && RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen) < 0) + return 0; /* Encrypt twice */ EVP_EncryptUpdate(ctx, out, &dummy, out, olen); EVP_EncryptUpdate(ctx, out, &dummy, out, olen); |