From 3445872e22735ff864d6b363d2d2b8acde740912 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=8D=B7=E6=88=90=E5=90=B4?= <jasonwood2031@gmail.com>
Date: Sun, 24 Jun 2018 15:28:33 +0800
Subject: [PATCH] apps/speed.c: add missing checks for RAND_bytes()

Function RAND_bytes() may return 0 or -1 on error, simply
goto end label when it fails.

Fixes #6567

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6582)
---
 apps/speed.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index 768e3a1ad3..181873cca3 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -2557,7 +2557,8 @@ int speed_main(int argc, char **argv)
     }
 
     for (i = 0; i < loopargs_len; i++)
-        RAND_bytes(loopargs[i].buf, 36);
+        if (RAND_bytes(loopargs[i].buf, 36) <= 0)
+            goto end;
 
 #ifndef OPENSSL_NO_RSA
     for (testnum = 0; testnum < RSA_NUM; testnum++) {
@@ -2653,7 +2654,8 @@ int speed_main(int argc, char **argv)
 #endif                          /* OPENSSL_NO_RSA */
 
     for (i = 0; i < loopargs_len; i++)
-        RAND_bytes(loopargs[i].buf, 36);
+        if (RAND_bytes(loopargs[i].buf, 36) <= 0)
+            goto end;
 
 #ifndef OPENSSL_NO_DSA
     for (testnum = 0; testnum < DSA_NUM; testnum++) {
-- 
GitLab