Check the return values from BN_hex2bn() and RAND_load_file().
authorGuus Sliepen <guus@tinc-vpn.org>
Sun, 23 Sep 2018 13:21:26 +0000 (15:21 +0200)
committerGuus Sliepen <guus@tinc-vpn.org>
Sun, 23 Sep 2018 15:19:32 +0000 (17:19 +0200)
Closes #205 on GitHub.
Closes #206 on GitHub.

src/tincd.c

index bc04f5f25b79d57d0f4d5776b56ad38f3e2b0119..9253d9f28c7c5d96b1302d65ad5cd718ab4cc406 100644 (file)
@@ -434,7 +434,10 @@ static bool keygen(int bits) {
        BN_GENCB_set(cb, indicator, NULL);
 
        rsa_key = RSA_new();
-       BN_hex2bn(&e, "10001");
+
+       if(BN_hex2bn(&e, "10001") == 0) {
+               abort();
+       }
 
        if(!rsa_key || !e) {
                abort();
@@ -698,7 +701,10 @@ int main(int argc, char **argv) {
 
        /* Slllluuuuuuurrrrp! */
 
-       RAND_load_file("/dev/urandom", 1024);
+       if(RAND_load_file("/dev/urandom", 1024) != 1024) {
+               logger(LOG_ERR, "Error initializing RNG!");
+               return 1;
+       }
 
        ENGINE_load_builtin_engines();
        ENGINE_register_all_complete();