From 54e5ba058b4f2c6042c14d44868077e9ffcff818 Mon Sep 17 00:00:00 2001
From: Rich Salz
Date: Mon, 17 Jul 2017 02:52:26 -0400
Subject: [PATCH] Fix use-after-free

Also fix a RANDerr call.

Reviewed-by: Andy Polyakov
(Merged from https://github.com/openssl/openssl/pull/3947)
---
 apps/app_rand.c | 9 ++++++---
 crypto/rand/randfile.c | 2 +-
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/apps/app_rand.c b/apps/app_rand.c
index 3a05352f9f..28caad41a7 100644
--- a/apps/app_rand.c
+++ b/apps/app_rand.c
@@ -13,7 +13,7 @@
 #include
 #include
-static const char *save_rand_file;
+static char *save_rand_file;
 void app_RAND_load_conf(CONF *c, const char *section)
 {
@@ -29,7 +29,7 @@ void app_RAND_load_conf(CONF *c, const char *section)
 return;
 }
 if (save_rand_file == NULL)
- save_rand_file = randfile;
+ save_rand_file = OPENSSL_strdup(randfile);
 }
 static int loadfiles(char *name)
@@ -66,6 +66,8 @@ void app_RAND_write(void)
 BIO_printf(bio_err, "Cannot write random bytes:\n");
 ERR_print_errors(bio_err);
 }
+ OPENSSL_free(save_rand_file);
+ save_rand_file = NULL;
 }
@@ -84,7 +86,8 @@ int opt_rand(int opt)
 return loadfiles(opt_arg());
 break;
 case OPT_R_WRITERAND:
- save_rand_file = opt_arg();
+ OPENSSL_free(save_rand_file);
+ save_rand_file = OPENSSL_strdup(opt_arg());
 break;
 }
 return 1;
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 904653f3bb..f502642997 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -176,7 +176,7 @@ int RAND_write_file(const char *file)
 if (out == NULL)
 out = openssl_fopen(file, "wb");
 if (out == NULL) {
- RANDerr(RAND_F_RAND_LOAD_FILE, RAND_R_CANNOT_OPEN_FILE);
+ RANDerr(RAND_F_RAND_WRITE_FILE, RAND_R_CANNOT_OPEN_FILE);
 ERR_add_error_data(2, "Filename=", file);
 return -1;
 }
-- 
2.25.1
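Review bot: The declaration of `save_rand_file` in the first hunk of apps/app_rand.c turns a borrowed `const char *` into a heap pointer that this file owns, but nothing at the declaration records that. A one-line comment such as `/* Heap copy of the seed-file path; owned here, released in app_RAND_write(). */` would keep a later edit from storing a borrowed pointer again. That borrowed-pointer assignment appears to be the use-after-free named in the commit title.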
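Review bot: The result of `OPENSSL_strdup(randfile)` in app_RAND_load_conf is stored without a NULL check, and the same applies to `OPENSSL_strdup(opt_arg())` in the OPT_R_WRITERAND case of opt_rand. If the allocation fails, `save_rand_file` stays NULL and the seed file is presumably skipped at exit with no diagnostic; the start of app_RAND_write is outside the hunks, so this is inferred. Reporting the failure where the copy is made would make it visible, for example `if (save_rand_file == NULL) BIO_printf(bio_err, "Out of memory saving rand file name\n");`. Both functions begin outside their hunks, so whether opt_rand should also return its failure value here needs checking against the rest of the function.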