Bug #10053: OpenSSL: incorrect return value check of EGD functions - Ruby master - Ruby Issue Tracking System

Actions

Copy link

Bug #10053

closed

OpenSSL: incorrect return value check of EGD functions

Added by cremno (cremno phobia) over 10 years ago. Updated over 8 years ago.

Status:

Closed

Assignee:

Target version:

ruby -v:

all

Backport:

2.0.0: UNKNOWN, 2.1: UNKNOWN

[ruby-core:63795]

Description

https://www.openssl.org/docs/crypto/RAND_egd.html#RETURN_VALUE

diff --git a/ext/openssl/ossl_rand.c b/ext/openssl/ossl_rand.c
index 270a4b7..a9188bc 100644
--- a/ext/openssl/ossl_rand.c
+++ b/ext/openssl/ossl_rand.c
@@ -135,7 +135,7 @@ ossl_rand_egd(VALUE self, VALUE filename)
 {
     SafeStringValue(filename);
 
-    if(!RAND_egd(RSTRING_PTR(filename))) {
+    if (RAND_egd(RSTRING_PTR(filename)) == -1) {
 	ossl_raise(eRandomError, NULL);
     }
     return Qtrue;
@@ -153,7 +153,7 @@ ossl_rand_egd_bytes(VALUE self, VALUE filename, VALUE len)
 
     SafeStringValue(filename);
 
-    if (!RAND_egd_bytes(RSTRING_PTR(filename), n)) {
+    if (RAND_egd_bytes(RSTRING_PTR(filename), n) == -1) {
 	ossl_raise(eRandomError, NULL);
     }
     return Qtrue;

Maybe an error message (e.g. "EGD connection failed or not enough data returned to fully seed the PRNG") should also be added.

Actions

Copy link

Also available in: Atom PDF

Like0

Like0Like0Like0Like0Like0

Project

General

Profile

Ruby » Ruby master

Custom queries

Bug #10053

OpenSSL: incorrect return value check of EGD functions

Updated by PvpDJgHP (William Thomas NELSON) over 10 years ago

Updated by hsbt (Hiroshi SHIBATA) over 10 years ago

Updated by zzak (zzak _) almost 10 years ago

Updated by zzak (zzak _) almost 10 years ago

Updated by Anonymous over 8 years ago