From d2953e5e7d8be6e83b35683f41bc0ae971782d16 Mon Sep 17 00:00:00 2001
From: "Dr. Matthias St. Pierre" <Matthias.St.Pierre@ncp-e.com>
Date: Sun, 28 Oct 2018 13:46:35 +0100
Subject: [PATCH] drbg_lib: avoid NULL pointer dereference in drbg_add

Found by Coverity Scan

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7511)

(cherry picked from commit 59f90557dd6e35cf72ac72016609d759ac78fcb9)
---
 crypto/rand/drbg_lib.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index f396f83478..e7f383a6c1 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -1010,7 +1010,7 @@ static int drbg_add(const void *buf, int num, double randomness)
     int ret = 0;
     RAND_DRBG *drbg = RAND_DRBG_get0_master();
     size_t buflen;
-    size_t seedlen = rand_drbg_seedlen(drbg);
+    size_t seedlen;
 
     if (drbg == NULL)
         return 0;
@@ -1018,6 +1018,8 @@ static int drbg_add(const void *buf, int num, double randomness)
     if (num < 0 || randomness < 0.0)
         return 0;
 
+    seedlen = rand_drbg_seedlen(drbg);
+
     buflen = (size_t)num;
 
     if (buflen < seedlen || randomness < (double) seedlen) {
-- 
GitLab