projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f5e77bb) | patch
rand_lib.c: fix null pointer dereferences after RAND_get_rand_method() failure
authorDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Wed, 11 Dec 2019 21:41:00 +0000 (07:41 +1000)
committerPauli <paul.dale@oracle.com>
Wed, 11 Dec 2019 21:41:00 +0000 (07:41 +1000)
commit0402c90ff9caac4c680e3cb6db7729e00d3fc20b
tree568c135161a1222d9dc224fa13b343690bdcb57etree | snapshot
parentf5e77bb0fa25b2fd87c879eb5bfa3e7945731675commit | diff
rand_lib.c: fix null pointer dereferences after RAND_get_rand_method() failure

RAND_get_rand_method() can return a NULL method pointer in the case of a
malloc failure, so don't dereference it without a check.

Reported-by: Zu-Ming Jiang (detected by FIFUZZ)
Fixes #10480

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10483)
crypto/err/openssl.txt diff | blob | history
crypto/rand/rand_lib.c diff | blob | history
include/openssl/randerr.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.