ENGINE_load_rdrand() creates a new engine, it adds it/registers it and then frees it. Looking further into these functions, the registration does NOT create a new object and then copy the data into it, so the registration is based on an object that it's later released.
Based on this[1] tutorial on using RNG engines, after ENGINE_load_rdrand(), ENGINE_by_id() is called, which looks in the registration list, which has a reference to a freed object. Am I missing something? Is there an actual logic error, or is there something I did not understand? Best regards, Cata [1] https://wiki.openssl.org/index.php/Random_Numbers#Hardware _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
