From a840986dc0289dcf4491a748208b34352b6058b0 Mon Sep 17 00:00:00 2001
From: Joseph Sutton <josephsutton@catalyst.net.nz>
Date: Mon, 18 Sep 2023 11:26:08 +1200
Subject: [PATCH] hx509: Check return value of RAND_bytes()

Found by Coverity (Samba CID 1544600).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
---
 lib/hx509/ca.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/lib/hx509/ca.c b/lib/hx509/ca.c
index d357710a6..977065d02 100644
--- a/lib/hx509/ca.c
+++ b/lib/hx509/ca.c
@@ -1733,7 +1733,12 @@ ca_sign(hx509_context context,
 	    hx509_set_error_string(context, 0, ret, "Out of memory");
 	    goto out;
 	}
-	RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length);
+	ret = RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length);
+	if (ret != 1) {
+	    ret = HX509_CRYPTO_INTERNAL_ERROR;
+	    hx509_set_error_string(context, 0, ret, "Failed to generate random bytes");
+	    goto out;
+	}
 	((unsigned char *)tbsc->serialNumber.data)[0] &= 0x7f;
 	((unsigned char *)tbsc->serialNumber.data)[0] |= 0x40;
     }