From 07083767e9cf500b31670fe0d5dd55a162f0c520 Mon Sep 17 00:00:00 2001 From: kosaki Date: Mon, 30 Nov 2015 20:29:02 +0000 Subject: * ext/openssl/ossl_rand.c (ossl_rand_bytes): RAND_bytes could be return -1 as an error. Therefore, added error handling. * ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52810 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ext/openssl/ossl_pkey_dsa.c | 4 ++-- ext/openssl/ossl_rand.c | 10 ++++++++-- 2 files changed, 10 insertions(+), 4 deletions(-) (limited to 'ext/openssl') diff --git a/ext/openssl/ossl_pkey_dsa.c b/ext/openssl/ossl_pkey_dsa.c index d5d55eece6..04900cc649 100644 --- a/ext/openssl/ossl_pkey_dsa.c +++ b/ext/openssl/ossl_pkey_dsa.c @@ -110,7 +110,7 @@ dsa_generate(int size) unsigned long h; if (!dsa) return 0; - if (!RAND_bytes(seed, seed_len)) { + if (RAND_bytes(seed, seed_len) <= 0) { DSA_free(dsa); return 0; } @@ -144,7 +144,7 @@ dsa_generate(int size) int seed_len = 20, counter; unsigned long h; - if (!RAND_bytes(seed, seed_len)) { + if (RAND_bytes(seed, seed_len) <= 0) { return 0; } dsa = DSA_generate_parameters(size, seed, seed_len, &counter, &h, diff --git a/ext/openssl/ossl_rand.c b/ext/openssl/ossl_rand.c index 018ef977ab..daf866d772 100644 --- a/ext/openssl/ossl_rand.c +++ b/ext/openssl/ossl_rand.c @@ -110,10 +110,16 @@ ossl_rand_bytes(VALUE self, VALUE len) { VALUE str; int n = NUM2INT(len); + int ret; str = rb_str_new(0, n); - if (!RAND_bytes((unsigned char *)RSTRING_PTR(str), n)) { - ossl_raise(eRandomError, NULL); + ret = RAND_bytes((unsigned char *)RSTRING_PTR(str), n); + if (ret == 0){ + char buf[256]; + ERR_error_string_n(ERR_get_error(), buf, 256); + ossl_raise(eRandomError, "RAND_bytes error: %s", buf); + } else if (ret == -1) { + ossl_raise(eRandomError, "RAND_bytes is not supported"); } return str; -- cgit v1.2.3