diff options
author | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2018-10-20 16:53:57 +0200 |
---|---|---|
committer | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2018-10-26 08:37:40 +0200 |
commit | ec2d099fccec25e2d92c4cd2958db21f0d0a1d82 (patch) | |
tree | 35bf7cfbec25571b488b237d215e40a5172f5b10 /crypto | |
parent | b3023ced6b6a4aece6f4d4ec1f6a93b1c03712b6 (diff) |
RAND_load_file(): return error if reseeding failed
The failure of RAND_load_file was only noticed because of the
heap corruption which was reported in #7499 and fixed in commit
5b4cb385c18a. To prevent this in the future, RAND_load_file()
now explicitly checks RAND_status() and reports an error if it
fails.
Related-to: #7449
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7456)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/rand/randfile.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index 89720eb5cf..028c1281c0 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -148,6 +148,12 @@ int RAND_load_file(const char *file, long bytes) OPENSSL_cleanse(buf, sizeof(buf)); fclose(in); + if (!RAND_status()) { + RANDerr(RAND_F_RAND_LOAD_FILE, RAND_R_RESEED_ERROR); + ERR_add_error_data(2, "Filename=", file); + return -1; + } + return ret; } |