[openssl] openssl-3.0 update

matthias.st.pierre at ncp-e.com matthias.st.pierre at ncp-e.com
Sun Feb 20 12:10:26 UTC 2022 

The branch openssl-3.0 has been updated
       via  eee4287febb296afae3de9e21c5d9cbae14a9802 (commit)
      from  d1ce1b5df602e4fc64bd27b65b4b1343229007af (commit)


- Log -----------------------------------------------------------------
commit eee4287febb296afae3de9e21c5d9cbae14a9802
Author: Jiasheng Jiang <jiasheng at iscas.ac.cn>
Date:   Tue Feb 15 17:45:04 2022 +0800

    rand: Add missing check for rand_get_global
    
    As the potential failure of the rand_get_global(),
    for example fail to get lock, 'dgbl' could be NULL
    pointer and be dereferenced later.
    Therefore, it should be better to check it and return
    error if fails, like RAND_get0_primary() and other callers.
    
    Signed-off-by: Jiasheng Jiang <jiasheng at iscas.ac.cn>
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/17690)
    
    (cherry picked from commit 09dca557332a2187598932388ac7bd7bbf16172b)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rand/rand_lib.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 8f76c8a5f0..1cb6f78296 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -529,6 +529,8 @@ static EVP_RAND_CTX *rand_new_seed(OSSL_LIB_CTX *libctx)
     EVP_RAND_CTX *ctx;
     char *name;
 
+    if (dgbl == NULL)
+        return NULL;
     name = dgbl->seed_name != NULL ? dgbl->seed_name : "SEED-SRC";
     rand = EVP_RAND_fetch(libctx, name, dgbl->seed_propq);
     if (rand == NULL) {
@@ -560,6 +562,8 @@ static EVP_RAND_CTX *rand_new_drbg(OSSL_LIB_CTX *libctx, EVP_RAND_CTX *parent,
     OSSL_PARAM params[7], *p = params;
     char *name, *cipher;
 
+    if (dgbl == NULL)
+        return NULL;
     name = dgbl->rng_name != NULL ? dgbl->rng_name : "CTR-DRBG";
     rand = EVP_RAND_fetch(libctx, name, dgbl->rng_propq);
     if (rand == NULL) {
@@ -759,6 +763,9 @@ static int random_conf_init(CONF_IMODULE *md, const CONF *cnf)
         return 0;
     }
 
+    if (dgbl == NULL)
+        return 0;
+
     for (i = 0; i < sk_CONF_VALUE_num(elist); i++) {
         cval = sk_CONF_VALUE_value(elist, i);
         if (strcasecmp(cval->name, "random") == 0) {

More information about the openssl-commits mailing list