Fix error handling in RAND_DRBG_set

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7519)

diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index 43e7509e6adf5fd3d5c22e92a1ef99eef7e46d28..b9c1cca0e0d06857cc1adc09fa4198cb538450cc 100644 (file)
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -115,6 +115,9 @@ int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags)
 
     switch (type) {
     default:
+        drbg->type = 0;
+        drbg->flags = 0;
+        drbg->meth = NULL;
         RANDerr(RAND_F_RAND_DRBG_SET, RAND_R_UNSUPPORTED_DRBG_TYPE);
         return 0;
     case 0:
@@ -127,8 +130,10 @@ int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags)
         break;
     }
 
-    if (ret == 0)
+    if (ret == 0) {
+        drbg->state = DRBG_ERROR;
         RANDerr(RAND_F_RAND_DRBG_SET, RAND_R_ERROR_INITIALISING_DRBG);
+    }
     return ret;
 }