Commit d2953e5e authored by Dr. Matthias St. Pierre's avatar Dr. Matthias St. Pierre
Browse files

drbg_lib: avoid NULL pointer dereference in drbg_add 



Found by Coverity Scan

Reviewed-by: default avatarBernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7511)

(cherry picked from commit 59f90557dd6e35cf72ac72016609d759ac78fcb9)
parent 54dea92f

crypto/rand/drbg_lib.c

+3 −1
Original line number Diff line number Diff line
@@ -1010,7 +1010,7 @@ static int drbg_add(const void *buf, int num, double randomness) 
    int ret = 0;

    RAND_DRBG *drbg = RAND_DRBG_get0_master();

    size_t buflen;

    size_t seedlen = rand_drbg_seedlen(drbg);

    size_t seedlen;



    if (drbg == NULL)

        return 0;
@@ -1018,6 +1018,8 @@ static int drbg_add(const void *buf, int num, double randomness) 
    if (num < 0 || randomness < 0.0)

        return 0;



    seedlen = rand_drbg_seedlen(drbg);



    buflen = (size_t)num;



    if (buflen < seedlen || randomness < (double) seedlen) {