diff options
author | Matt Caswell <matt@openssl.org> | 2015-02-26 16:28:59 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-03-25 12:41:28 +0000 |
commit | 8f8e4e4f5253085ab673bb74094c3e492c56af44 (patch) | |
tree | 1fb6e32d1f10e7ca77521df3a25f887bf083f7a8 /crypto/ocsp | |
parent | a20718fa2c0a45e6acb975cf6c0438c3ebd45b13 (diff) |
Fix RAND_(pseudo_)?_bytes returns
Ensure all calls to RAND_bytes and RAND_pseudo_bytes have their return
value checked correctly
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/ocsp')
-rw-r--r-- | crypto/ocsp/ocsp_ext.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/ocsp/ocsp_ext.c b/crypto/ocsp/ocsp_ext.c index 849cb2f762..fdfddf9fc1 100644 --- a/crypto/ocsp/ocsp_ext.c +++ b/crypto/ocsp/ocsp_ext.c @@ -361,8 +361,8 @@ static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL); if (val) memcpy(tmpval, val, len); - else - RAND_pseudo_bytes(tmpval, len); + else if(RAND_pseudo_bytes(tmpval, len) < 0) + goto err; if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce, &os, 0, X509V3_ADD_REPLACE)) goto err; |