This bug report applies to the OpenSSL FIPS 2.0 module. If dctx->get_entropy() fails and therefore tout is set to NULL, we still set the output entropy pointer to NULL + blocklen. This later leads to a crash: the caller checks the entropy pointer for NULL before calling fips_cleanup_entropy(), but in this case the pointer is a non-NULL, invalid value, so the check passes and cleanup runs on garbage.
The attached patch prevents fips_get_entropy() from returning an invalid non-NULL pointer.

--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
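The failure mode described above, as an added C illustration (not code from the FIPS module or from the patch): a constructed callback that fails by returning 0 and leaving *pout NULL, a wrapper written the way the pre-patch code computes the output pointer, and the post-patch form that returns while *pout is still NULL. All names (BL, wrap_before, wrap_after, the callbacks) are hypothetical stand-ins.

```c
#include <stddef.h>

#define BL 16                       /* stand-in for the DRBG block length */
static unsigned char pool[64];      /* constructed entropy buffer */

typedef size_t (*get_entropy_fn)(unsigned char **pout, size_t min_len, size_t max_len);

/* Constructed callback that fails as in the report: returns 0, *pout = NULL. */
size_t failing_get_entropy(unsigned char **pout, size_t min_len, size_t max_len)
{
    (void)min_len; (void)max_len;
    *pout = NULL;
    return 0;
}

/* Constructed callback that succeeds and hands back the static pool. */
size_t ok_get_entropy(unsigned char **pout, size_t min_len, size_t max_len)
{
    (void)max_len;
    *pout = pool;
    return min_len;
}

/* Pre-patch shape: *pout is computed unconditionally, so a failed callback
 * produces NULL + BL, a non-NULL pointer that defeats the caller's NULL check. */
size_t wrap_before(get_entropy_fn cb, unsigned char **pout, size_t min_len)
{
    unsigned char *tout = NULL;
    size_t rv = cb(&tout, min_len + BL, min_len + BL);
    *pout = tout + BL;              /* bug: evaluated even when tout == NULL */
    if (rv < min_len + BL || rv % BL)
        return 0;
    return rv - BL;
}

/* Post-patch shape: bail out while *pout is untouched (still NULL), so the
 * caller's "if (entropy) fips_cleanup_entropy(...)" check behaves. */
size_t wrap_after(get_entropy_fn cb, unsigned char **pout, size_t min_len)
{
    unsigned char *tout = NULL;
    size_t rv = cb(&tout, min_len + BL, min_len + BL);
    if (tout == NULL)
        return 0;
    *pout = tout + BL;
    if (rv < min_len + BL || rv % BL)
        return 0;
    return rv - BL;
}
```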
diff -up openssl-fips-2.0-test-20120202/fips/rand/fips_drbg_lib.c.entropy openssl-fips-2.0-test-20120202/fips/rand/fips_drbg_lib.c --- openssl-fips-2.0-test-20120202/fips/rand/fips_drbg_lib.c.entropy 2011-12-13 01:22:17.000000000 +0100 +++ openssl-fips-2.0-test-20120202/fips/rand/fips_drbg_lib.c 2012-04-05 17:42:50.814929366 +0200 @@ -160,6 +160,8 @@ static size_t fips_get_entropy(DRBG_CTX return dctx->get_entropy(dctx, pout, entropy, min_len, max_len); rv = dctx->get_entropy(dctx, &tout, entropy + bl, min_len + bl, max_len + bl); + if (tout == NULL) + return 0; *pout = tout + bl; if (rv < (min_len + bl) || (rv % bl)) return 0;
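Review bot: the new `if (tout == NULL) return 0;` only catches callbacks that explicitly store NULL through pout on failure; a callback that returns 0 without writing *pout leaves tout at whatever it was initialised to, and its declaration is outside the hunk, so please confirm tout starts as NULL and consider also testing the return value, e.g. `if (rv == 0 || tout == NULL) return 0;`. A related ordering point remains just below: `*pout = tout + bl;` executes before `if (rv < (min_len + bl) || (rv % bl)) return 0;`, so on a short or misaligned read the caller still gets a non-NULL *pout together with a zero return; moving the length check ahead of the `*pout` assignment would make every failure path leave *pout untouched. The earlier `return dctx->get_entropy(dctx, pout, ...)` path passes pout straight through and is not affected by this change.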