[openssl-commits] [openssl] OpenSSL_1_1_1-stable update

Mon Nov 5 21:49:02 UTC 2018

The branch OpenSSL_1_1_1-stable has been updated
       via  c40c1ef4f3c3a6a4d7878bbf8b13742a5bffd963 (commit)
       via  fd59e425a865f306f3745f576f8b7b7a40dbbfcf (commit)
       via  ee5a79104c4f7f59343a7b75815be3979a0f6b83 (commit)
       via  f98a893ed454faf97d77a53833da95646478c14c (commit)
      from  0f316a0c208b90336b171fa05f8eaf4056c5a01d (commit)


- Log -----------------------------------------------------------------
commit c40c1ef4f3c3a6a4d7878bbf8b13742a5bffd963
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Fri Nov 2 11:46:38 2018 +0100

    Fix error handling in RAND_DRBG_uninstantiate
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/7519)

commit fd59e425a865f306f3745f576f8b7b7a40dbbfcf
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Tue Oct 30 21:02:22 2018 +0100

    Fix error handling in drbgtest.c
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/7519)

commit ee5a79104c4f7f59343a7b75815be3979a0f6b83
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Tue Oct 30 20:57:53 2018 +0100

    Fix error handling in rand_drbg_new
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/7519)

commit f98a893ed454faf97d77a53833da95646478c14c
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Mon Oct 29 13:48:53 2018 +0100

    Fix error handling in RAND_DRBG_set
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/7519)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rand/drbg_lib.c | 13 ++++++++-----
 test/drbgtest.c        | 22 ++++++++++++++--------
 2 files changed, 22 insertions(+), 13 deletions(-)

diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index 43e7509..73fd942 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -115,6 +115,9 @@ int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags)
 
     switch (type) {
     default:
+        drbg->type = 0;
+        drbg->flags = 0;
+        drbg->meth = NULL;
         RANDerr(RAND_F_RAND_DRBG_SET, RAND_R_UNSUPPORTED_DRBG_TYPE);
         return 0;
     case 0:
@@ -127,8 +130,10 @@ int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags)
         break;
     }
 
-    if (ret == 0)
+    if (ret == 0) {
+        drbg->state = DRBG_ERROR;
         RANDerr(RAND_F_RAND_DRBG_SET, RAND_R_ERROR_INITIALISING_DRBG);
+    }
     return ret;
 }
 
@@ -229,10 +234,7 @@ static RAND_DRBG *rand_drbg_new(int secure,
     return drbg;
 
  err:
-    if (drbg->secure)
-        OPENSSL_secure_free(drbg);
-    else
-        OPENSSL_free(drbg);
+    RAND_DRBG_free(drbg);
 
     return NULL;
 }
@@ -372,6 +374,7 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
 int RAND_DRBG_uninstantiate(RAND_DRBG *drbg)
 {
     if (drbg->meth == NULL) {
+        drbg->state = DRBG_ERROR;
         RANDerr(RAND_F_RAND_DRBG_UNINSTANTIATE,
                 RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED);
         return 0;
diff --git a/test/drbgtest.c b/test/drbgtest.c
index b4453b0..371f138 100644
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -790,12 +790,15 @@ static void run_multi_thread_test(void)
 {
     unsigned char buf[256];
     time_t start = time(NULL);
-    RAND_DRBG *public, *private;
+    RAND_DRBG *public = NULL, *private = NULL;
 
-    public = RAND_DRBG_get0_public();
-    private = RAND_DRBG_get0_private();
-    RAND_DRBG_set_reseed_time_interval(public, 1);
+    if (!TEST_ptr(public = RAND_DRBG_get0_public())
+            || !TEST_ptr(private = RAND_DRBG_get0_private())) {
+        multi_thread_rand_bytes_succeeded = 0;
+        return;
+    }
     RAND_DRBG_set_reseed_time_interval(private, 1);
+    RAND_DRBG_set_reseed_time_interval(public, 1);
 
     do {
         if (RAND_bytes(buf, sizeof(buf)) <= 0)
@@ -927,13 +930,16 @@ static size_t rand_drbg_seedlen(RAND_DRBG *drbg)
  */
 static int test_rand_seed(void)
 {
-    RAND_DRBG *master = RAND_DRBG_get0_master();
+    RAND_DRBG *master = NULL;
     unsigned char rand_buf[256];
     size_t rand_buflen;
-#ifdef OPENSSL_RAND_SEED_NONE
-    size_t required_seed_buflen = rand_drbg_seedlen(master);
-#else
     size_t required_seed_buflen = 0;
+
+    if (!TEST_ptr(master = RAND_DRBG_get0_master()))
+        return 0;
+
+#ifdef OPENSSL_RAND_SEED_NONE
+    required_seed_buflen = rand_drbg_seedlen(master);
 #endif
 
     memset(rand_buf, 0xCD, sizeof(rand_buf));
