On Sat, 2012-04-07 at 21:44 +0200, Stephen Henson via RT wrote:
[tm...@redhat.com - Sat Apr 07 15:39:00 2012]:
This bug report applies to the OpenSSL FIPS 2.0 module.
If dctx-get_entropy() fails and thus the tout is set to NULL we will
set the output entropy pointer to NULL +
On Sat, 2012-04-07 at 21:44 +0200, Stephen Henson via RT wrote:
[tm...@redhat.com - Sat Apr 07 15:39:00 2012]:
This bug report applies to the OpenSSL FIPS 2.0 module.
If dctx-get_entropy() fails and thus the tout is set to NULL we will
set the output entropy pointer to NULL +
This bug report applies to the OpenSSL FIPS 2.0 module.
If dctx-get_entropy() fails and thus the tout is set to NULL we will
set the output entropy pointer to NULL + blocklen. This will later lead
to crash as we check for NULL entropy before calling
fips_cleanup_entropy() but it will be invalid
[tm...@redhat.com - Sat Apr 07 15:39:00 2012]:
This bug report applies to the OpenSSL FIPS 2.0 module.
If dctx-get_entropy() fails and thus the tout is set to NULL we will
set the output entropy pointer to NULL + blocklen. This will later lead
to crash as we check for NULL entropy before