generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Oops, work out expanded buffer length before allocating it...

Browse Source
This commit is contained in:
Dr. Stephen Henson
2011-04-23 20:24:55 +00:00
parent e0d1a2f80a
commit 383bc117bb
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
crypto/rand/rand_lib.c
View File

@@ -198,11 +198,11 @@ int RAND_status(void)
static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout, static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout,
int entropy, size_t min_len, size_t max_len) int entropy, size_t min_len, size_t max_len)
{ {
/* Round up request to multiple of block size */
min_len = ((min_len + 19) / 20) * 20;
*pout = OPENSSL_malloc(min_len); *pout = OPENSSL_malloc(min_len);
if (!*pout) if (!*pout)
return 0; return 0;
/* Round up request to multiple of block size */
min_len = ((min_len + 19) / 20) * 20;
if (RAND_SSLeay()->bytes(*pout, min_len) <= 0) if (RAND_SSLeay()->bytes(*pout, min_len) <= 0)
{ {
OPENSSL_free(*pout); OPENSSL_free(*pout);