diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2012-08-22 22:43:03 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2012-08-22 22:43:03 +0000 |
| commit | c759e453bc86f8673e32dc598ffa682840cfc05f (patch) | |
| tree | cbecdce71ecd7e45fbc9fdd3ae61eff6c5e0b58c /crypto/rand | |
| parent | 40ce8fca73a08b7b9d6eece2312b397914906806 (diff) | |
PR: 2786
Reported by: Tomas Mraz <tmraz@redhat.com>
Treat a NULL value passed to drbg_free_entropy callback as non-op. This
can happen if the call to fips_get_entropy fails.
Diffstat (limited to 'crypto/rand')
| -rw-r--r-- | crypto/rand/rand_lib.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index daf1dab973..476a0cd187 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -210,8 +210,11 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout, static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen) { - OPENSSL_cleanse(out, olen); - OPENSSL_free(out); + if (out) + { + OPENSSL_cleanse(out, olen); + OPENSSL_free(out); + } } /* Set "additional input" when generating random data. This uses the |