From: Dr. Stephen Henson <steve@openssl.org>
Date: Mon, 4 Apr 2011 14:43:20 +0000 (+0000)
Subject: check RAND_pseudo_bytes return value
X-Git-Tag: OpenSSL-fips-2_0-rc1~604
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a255e5bc98188f8ca9cc0b6970ff36dbfb80f1fb;p=oweals%2Fopenssl.git

check RAND_pseudo_bytes return value
---

diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index 31ce1d49a6..6517b1592d 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -203,7 +203,8 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
 
 			if (!seed_len)
 				{
-				RAND_pseudo_bytes(seed, qsize);
+				if (RAND_pseudo_bytes(seed, qsize) < 0)
+					goto err;
 				seed_is_random = 1;
 				}
 			else
@@ -475,7 +476,10 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
 				goto err;
 
 			if (!seed_in)
-				RAND_pseudo_bytes(seed, seed_len);
+				{
+				if (RAND_pseudo_bytes(seed, seed_len) < 0)
+					goto err;
+				}
 			/* step 2 */
 			if (!EVP_Digest(seed, seed_len, md, NULL, evpmd, NULL))
 				goto err;