Bug #10053

OpenSSL: incorrect return value check of EGD functions

Added by cremno (cremno phobia) over 5 years ago. Updated over 3 years ago.

Status: Closed
Priority: Normal
Assignee: openssl
Target version: -
ruby -v: all
[ruby-core:63795]

Description

https://www.openssl.org/docs/crypto/RAND_egd.html#RETURN_VALUE

diff --git a/ext/openssl/ossl_rand.c b/ext/openssl/ossl_rand.c
index 270a4b7..a9188bc 100644
--- a/ext/openssl/ossl_rand.c
+++ b/ext/openssl/ossl_rand.c
@@ -135,7 +135,7 @@ ossl_rand_egd(VALUE self, VALUE filename)
 {
     SafeStringValue(filename);

-    if(!RAND_egd(RSTRING_PTR(filename))) {
+    if (RAND_egd(RSTRING_PTR(filename)) == -1) {
    ossl_raise(eRandomError, NULL);
     }
     return Qtrue;
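Review bot: ossl_raise(eRandomError, NULL) under the new == -1 check in ossl_rand_egd still raises with no message, so the exception does not tell the caller that the EGD connection failed or that too little data came back. Pass a message at this call, for example the wording suggested in the description below the patch.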
@@ -153,7 +153,7 @@ ossl_rand_egd_bytes(VALUE self, VALUE filename, VALUE len)

     SafeStringValue(filename);

-    if (!RAND_egd_bytes(RSTRING_PTR(filename), n)) {
+    if (RAND_egd_bytes(RSTRING_PTR(filename), n) == -1) {
    ossl_raise(eRandomError, NULL);
     }
     return Qtrue;
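Review bot: The == -1 test in ossl_rand_egd_bytes discards whatever RAND_egd_bytes returns on success, and the function returns Qtrue for every other value, including 0. If a result smaller than the requested n should not count as success, compare the return value against n; otherwise document that true only means the call did not report failure.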

Maybe an error message (e.g. "EGD connection failed or not enough data returned to fully seed the PRNG") should also be added.

Associated revisions

Revision 9f0cf20f
Added by rhe over 3 years ago

openssl: fix incorrect return value check of RAND_* functions

  • ext/openssl/ossl_rand.c (ossl_rand_egd, ossl_rand_egd_bytes): RAND_egd{_bytes,}() return -1 on failure, not 0. Patch by cremno phobia cremno@mail.ru [ruby-core:63795] Bug #10053: Similar, RAND_pseudo_bytes() may return 0 or -1 on failure.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55132 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 55132
Added by rhenium (Kazuki Yamaguchi) over 3 years ago

openssl: fix incorrect return value check of RAND_* functions

  • ext/openssl/ossl_rand.c (ossl_rand_egd, ossl_rand_egd_bytes): RAND_egd{_bytes,}() return -1 on failure, not 0. Patch by cremno phobia cremno@mail.ru [ruby-core:63795] Bug #10053: Similar, RAND_pseudo_bytes() may return 0 or -1 on failure.


History

Updated by PvpDJgHP (— PvpDJgHP) over 5 years ago

The Entropy Gathering Daemon was last updated twelve years ago.

Ruby should deprecate the use of egd functions and provide configuration options to use LibreSSL in place of OpenSSL, just like how the Editline Library can be used in place of GNU Readline.

Updated by hsbt (Hiroshi SHIBATA) over 5 years ago

  • Status changed from Open to Assigned
  • Assignee changed from openssl to MartinBosslet (Martin Bosslet)

Updated by zzak (Zachary Scott) almost 5 years ago

The first part sounds OK, I support deprecation of egd functions. The second part needs actionable tickets, and patches welcome.

Updated by zzak (Zachary Scott) almost 5 years ago

  • Assignee changed from MartinBosslet (Martin Bosslet) to openssl

Updated by Anonymous over 3 years ago

  • Status changed from Assigned to Closed

Applied in changeset r55132.


openssl: fix incorrect return value check of RAND_* functions

  • ext/openssl/ossl_rand.c (ossl_rand_egd, ossl_rand_egd_bytes): RAND_egd{_bytes,}() return -1 on failure, not 0. Patch by cremno phobia cremno@mail.ru [ruby-core:63795] Bug #10053: Similar, RAND_pseudo_bytes() may return 0 or -1 on failure.
