Commit 0db17852 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

PR: 2786 

Reported by: Tomas Mraz <tmraz@redhat.com>

Treat a NULL value passed to drbg_free_entropy callback as non-op. This
can happen if the call to fips_get_entropy fails.
parent 1a9d60d2

crypto/rand/rand_lib.c

+5 −2
Original line number Diff line number Diff line
@@ -209,10 +209,13 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout, 
        }



static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen)

	{

	if (out)

		{

		OPENSSL_cleanse(out, olen);

		OPENSSL_free(out);

		}

	}



/* Set "additional input" when generating random data. This uses the

 * current PID, a time value and a counter.