Fix RAND_(pseudo_)?_bytes returns

Ensure all calls to RAND_bytes and RAND_pseudo_bytes have their return value checked correctly Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Matt Caswell <matt@openssl.org> 2015-02-26 16:28:59 +0000
committer: Matt Caswell <matt@openssl.org> 2015-03-25 12:41:28 +0000
commit: 8f8e4e4f5253085ab673bb74094c3e492c56af44 (patch)
tree: 1fb6e32d1f10e7ca77521df3a25f887bf083f7a8 /crypto/ocsp
parent: a20718fa2c0a45e6acb975cf6c0438c3ebd45b13 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/ocsp/ocsp_ext.c b/crypto/ocsp/ocsp_ext.c
index 849cb2f762..fdfddf9fc1 100644
--- a/crypto/ocsp/ocsp_ext.c
+++ b/crypto/ocsp/ocsp_ext.c
@@ -361,8 +361,8 @@ static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts,
     ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
     if (val)
         memcpy(tmpval, val, len);
-    else
-        RAND_pseudo_bytes(tmpval, len);
+    else if(RAND_pseudo_bytes(tmpval, len) < 0)
+        goto err;
     if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
                          &os, 0, X509V3_ADD_REPLACE))
         goto err;
author	Matt Caswell <matt@openssl.org>	2015-02-26 16:28:59 +0000
committer	Matt Caswell <matt@openssl.org>	2015-03-25 12:41:28 +0000
commit	8f8e4e4f5253085ab673bb74094c3e492c56af44 (patch)
tree	1fb6e32d1f10e7ca77521df3a25f887bf083f7a8 /crypto/ocsp
parent	a20718fa2c0a45e6acb975cf6c0438c3ebd45b13 (diff)