oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

hx509: Check return value of RAND_bytes()

Browse Source 
Found by Coverity (Samba CID 1544600).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
This commit is contained in:
Joseph Sutton
2023-09-18 11:26:08 +12:00
committed by Nico Williams
parent d1b9d2c2f9
commit a840986dc0
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/hx509/ca.c
View File

@@ -1733,7 +1733,12 @@ ca_sign(hx509_context context,
hx509_set_error_string(context, 0, ret, "Out of memory"); hx509_set_error_string(context, 0, ret, "Out of memory");
goto out; goto out;
} }
RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length); ret = RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length);
if (ret != 1) {
ret = HX509_CRYPTO_INTERNAL_ERROR;
hx509_set_error_string(context, 0, ret, "Failed to generate random bytes");
goto out;
}
((unsigned char *)tbsc->serialNumber.data)[0] &= 0x7f; ((unsigned char *)tbsc->serialNumber.data)[0] &= 0x7f;
((unsigned char *)tbsc->serialNumber.data)[0] |= 0x40; ((unsigned char *)tbsc->serialNumber.data)[0] |= 0x40;
} }