On 10 April 2014 18:54, Kylo Ginsberg <k...@kylo.net> wrote: > Looking at the heartbeat code, I notice that neither of the process > heartbeat functions check whether RAND_pseudo_bytes returned success when it > is generating the heartbeat padding. > > I don't know if there are real-world scenarios where this could happen
Failed memory allocation, typically. > A patch might look like this: > > diff --git a/ssl/d1_both.c b/ssl/d1_both.c > + if (RAND_pseudo_bytes(bp, padding) < 0) RAND_pseudo_bytes returns -1 or 0 if it fails[1]. This expression should be RAND_pseudo_bytes(...) != 1, which basically equivalent to RAND_bytes(...) != 1. This isn't your fault; the documentation doesn't have any relationship to the actual behaviour, and the many other callers in the library are sloppy like this. Cheers, Joe [1]: http://jbp.io/2014/01/16/openssl-rand-api/#round-up ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org