forked from curl/curl-www
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathCVE-2016-9594.patch
More file actions
29 lines (24 loc) · 865 Bytes
/
CVE-2016-9594.patch
File metadata and controls
29 lines (24 loc) · 865 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
From f81b2277a8e7e9ce8809ccd30c25b8aa72101215 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Wed, 21 Dec 2016 15:09:31 +0100
Subject: [PATCH] randit: store the value in the buffer
---
lib/rand.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/rand.c b/lib/rand.c
index 0e716a77c..a51951cea 100644
--- a/lib/rand.c
+++ b/lib/rand.c
@@ -57,11 +57,11 @@ static CURLcode randit(struct Curl_easy *data, unsigned int *rnd)
return CURLE_OK;
}
#endif
/* data may be NULL! */
- result = Curl_ssl_random(data, (unsigned char *)&rnd, sizeof(rnd));
+ result = Curl_ssl_random(data, (unsigned char *)rnd, sizeof(*rnd));
if(result != CURLE_NOT_BUILT_IN)
/* only if there is no random funtion in the TLS backend do the non crypto
version, otherwise return result */
return result;
--
2.11.0