diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-08-22 22:43:23 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-08-22 22:43:23 +0000 |
commit | 0db17852cd47a183fffb33574c98baf53dbabb66 (patch) | |
tree | 5bbfa7e50a7cde9aa03c3ca7045ec0a80317a5c1 /crypto/rand | |
parent | 1a9d60d2e3b02d5e1954fc71c92bf3a6af691495 (diff) | |
download | openssl-0db17852cd47a183fffb33574c98baf53dbabb66.tar.gz |
PR: 2786
Reported by: Tomas Mraz <tmraz@redhat.com>
Treat a NULL value passed to drbg_free_entropy callback as non-op. This
can happen if the call to fips_get_entropy fails.
Diffstat (limited to 'crypto/rand')
-rw-r--r-- | crypto/rand/rand_lib.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 8c28550a76..e8957dbb30 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -210,8 +210,11 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout, static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen) { - OPENSSL_cleanse(out, olen); - OPENSSL_free(out); + if (out) + { + OPENSSL_cleanse(out, olen); + OPENSSL_free(out); + } } /* Set "additional input" when generating random data. This uses the |