From: Dr. Stephen Henson <steve@openssl.org>
Date: Sat, 23 Apr 2011 20:24:55 +0000 (+0000)
Subject: Oops, work out expanded buffer length before allocating it...
X-Git-Tag: OpenSSL-fips-2_0-rc1~508
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=383bc117bb90377b2cd8667be8b00150917bb5c9;p=oweals%2Fopenssl.git

Oops, work out expanded buffer length before allocating it...
---

diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index f3bd4e632e..0c68e35f70 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -198,11 +198,11 @@ int RAND_status(void)
 static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout,
                                 int entropy, size_t min_len, size_t max_len)
         {
+	/* Round up request to multiple of block size */
+	min_len = ((min_len + 19) / 20) * 20;
 	*pout = OPENSSL_malloc(min_len);
 	if (!*pout)
 		return 0;
-	/* Round up request to multiple of block size */
-	min_len = ((min_len + 19) / 20) * 20;
 	if (RAND_SSLeay()->bytes(*pout, min_len) <= 0)
 		{
 		OPENSSL_free(*pout);