diff options
author | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2019-12-12 07:41:00 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2019-12-12 07:41:00 +1000 |
commit | 0402c90ff9caac4c680e3cb6db7729e00d3fc20b (patch) | |
tree | 568c135161a1222d9dc224fa13b343690bdcb57e /include | |
parent | f5e77bb0fa25b2fd87c879eb5bfa3e7945731675 (diff) |
rand_lib.c: fix null pointer dereferences after RAND_get_rand_method() failure
RAND_get_rand_method() can return a NULL method pointer in the case of a
malloc failure, so don't dereference it without a check.
Reported-by: Zu-Ming Jiang (detected by FIFUZZ)
Fixes #10480
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10483)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/randerr.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/openssl/randerr.h b/include/openssl/randerr.h index e633260712..68992d771d 100644 --- a/include/openssl/randerr.h +++ b/include/openssl/randerr.h @@ -57,6 +57,8 @@ int ERR_load_RAND_strings(void); # define RAND_F_RAND_POOL_BYTES_NEEDED 0 # define RAND_F_RAND_POOL_GROW 0 # define RAND_F_RAND_POOL_NEW 0 +# define RAND_F_RAND_PRIV_BYTES_EX 0 +# define RAND_F_RAND_PSEUDO_BYTES 0 # define RAND_F_RAND_WRITE_FILE 0 # endif |