From: shibata.hiroshi@...
Date: 2014-08-06T04:10:30+00:00
Subject: [ruby-core:64223] [ruby-trunk - Bug #10053] [Assigned] OpenSSL: incorrect return value check of EGD functions

Issue #10053 has been updated by Hiroshi SHIBATA.

Status changed from Open to Assigned
Assignee changed from openssl to Martin Bosslet

----------------------------------------
Bug #10053: OpenSSL: incorrect return value check of EGD functions
https://bugs.ruby-lang.org/issues/10053#change-48217

* Author: cremno phobia
* Status: Assigned
* Priority: Normal
* Assignee: Martin Bosslet
* Category: ext/openssl
* Target version: current: 2.2.0
* ruby -v: all
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
https://www.openssl.org/docs/crypto/RAND_egd.html#RETURN_VALUE

~~~diff
diff --git a/ext/openssl/ossl_rand.c b/ext/openssl/ossl_rand.c
index 270a4b7..a9188bc 100644
--- a/ext/openssl/ossl_rand.c
+++ b/ext/openssl/ossl_rand.c
@@ -135,7 +135,7 @@ ossl_rand_egd(VALUE self, VALUE filename)
 {
     SafeStringValue(filename);
 
-    if(!RAND_egd(RSTRING_PTR(filename))) {
+    if (RAND_egd(RSTRING_PTR(filename)) == -1) {
 	ossl_raise(eRandomError, NULL);
     }
     return Qtrue;
@@ -153,7 +153,7 @@ ossl_rand_egd_bytes(VALUE self, VALUE filename, VALUE len)
 
     SafeStringValue(filename);
 
-    if (!RAND_egd_bytes(RSTRING_PTR(filename), n)) {
+    if (RAND_egd_bytes(RSTRING_PTR(filename), n) == -1) {
 	ossl_raise(eRandomError, NULL);
     }
     return Qtrue;
~~~


Maybe an error message (e.g. `"EGD connection failed or not enough data returned to fully seed the PRNG"`) should also be added.



-- 
https://bugs.ruby-lang.org/