The fips_drbg_bytes() function calls CRYPTO_w_lock(CRYPTO_LOCK_RAND); unfortunately the FIPS_drbg_generate() function can eventually call drbg_reseed() if sufficiently enough bytes are pulled out of the DRBG. This function in turn pulls bytes from the MD rand using the RAND_SSLeay()->bytes(). However MD rand uses CRYPTO_w_lock(CRYPTO_LOCK_RAND); in ssleay_rand_bytes().
This leads to double locking the CRYPTO_LOCK_RAND which can mean undefined behavior unless for example in case of pthreads the mutex type used is PTHREAD_MUTEX_RECURSIVE. -- Tomas Mraz No matter how far down the wrong road you've gone, turn back. Turkish proverb (You'll never know whether the road is wrong though.) ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org