diff --git a/ChangeLog.d/gen-key-segfault.txt b/ChangeLog.d/gen-key-segfault.txt new file mode 100644 index 0000000000..fefc702726 --- /dev/null +++ b/ChangeLog.d/gen-key-segfault.txt @@ -0,0 +1,3 @@ +Bugfix + * Avoid segmentation fault caused by releasing not initialized + entropy resource in gen_key example. Fixes #8809. diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 6914c9390d..194a5cbba6 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -249,6 +249,7 @@ int main(int argc, char *argv[]) mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); #endif /* MBEDTLS_RSA_C */ + mbedtls_entropy_init(&entropy); mbedtls_pk_init(&key); mbedtls_ctr_drbg_init(&ctr_drbg); memset(buf, 0, sizeof(buf)); @@ -336,7 +337,6 @@ usage: mbedtls_printf("\n . Seeding the random number generator..."); fflush(stdout); - mbedtls_entropy_init(&entropy); #if !defined(_WIN32) && defined(MBEDTLS_FS_IO) if (opt.use_dev_random) { if ((ret = mbedtls_entropy_add_source(&entropy, dev_random_entropy_poll,