drbg_lib: avoid NULL pointer dereference in drbg_add

author Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>

Sun, 28 Oct 2018 12:46:35 +0000 (13:46 +0100)

committer Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>

Sun, 28 Oct 2018 18:19:17 +0000 (19:19 +0100)
author Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Sun, 28 Oct 2018 12:46:35 +0000 (13:46 +0100)
committer Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Sun, 28 Oct 2018 18:19:17 +0000 (19:19 +0100)
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c

index ec4aa69db50a3a57690770fbc4596e08f7b182f2..796ab67fda67a4820d0b3dc174a583f36d39da48 100644 (file)
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -1086,7 +1086,7 @@ static int drbg_add(const void *buf, int num, double randomness)
      int ret = 0;
      RAND_DRBG *drbg = RAND_DRBG_get0_master();
      size_t buflen;
-    size_t seedlen = rand_drbg_seedlen(drbg);
+    size_t seedlen;
  
      if (drbg == NULL)
          return 0;
@@ -1094,6 +1094,8 @@ static int drbg_add(const void *buf, int num, double randomness)
      if (num < 0 || randomness < 0.0)
          return 0;
  
+    seedlen = rand_drbg_seedlen(drbg);
+
      buflen = (size_t)num;
  
      if (buflen < seedlen || randomness < (double) seedlen) {
author	Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
	Sun, 28 Oct 2018 12:46:35 +0000 (13:46 +0100)
committer	Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
	Sun, 28 Oct 2018 18:19:17 +0000 (19:19 +0100)