lib: Free secure memory on process exit

There was a missing crypt_secure_malloc_fini() in the process init/fini path. Also fixes a 0 return from OpenSSL RAND_bytes() being interpreted as succes instead of failure. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
author: Dimitri Staessens <dimitri@ouroboros.rocks> 2026-05-16 15:27:14 +0200
committer: Sander Vrijders <sander@ouroboros.rocks> 2026-05-20 08:17:07 +0200
commit: cbf7f953a49a98adfc4803340475ffeccefbe9fb (patch)
tree: 2881fa378f32e52e7285b3fed22308bb86f1f19c /src/lib/random.c
parent: 63d3aa9ab8d8b0b6d8a10362e112a431dcb5b4e9 (diff)
download: ouroboros-cbf7f953a49a98adfc4803340475ffeccefbe9fb.tar.gz
ouroboros-cbf7f953a49a98adfc4803340475ffeccefbe9fb.zip
1 files changed, 4 insertions, 3 deletions
diff --git a/src/lib/random.c b/src/lib/random.c
index 96315132..2c9a6c0d 100644
--- a/src/lib/random.c
+++ b/src/lib/random.c
@@ -47,8 +47,9 @@ int random_buffer(void * buf,
         gcry_randomize(buf, len, GCRY_STRONG_RANDOM);
         return 0;
 #elif defined(HAVE_OPENSSL_RNG)
-        if (len > 0 && len < INT_MAX)
-                return RAND_bytes((unsigned char *) buf, (int) len);
-        return -1;
+        if (len == 0 || len >= INT_MAX)
+                return -1;
+
+        return RAND_bytes((unsigned char *) buf, (int) len) == 1 ? 0 : -1;
 #endif
 }
author	Dimitri Staessens <dimitri@ouroboros.rocks>	2026-05-16 15:27:14 +0200
committer	Sander Vrijders <sander@ouroboros.rocks>	2026-05-20 08:17:07 +0200
commit	cbf7f953a49a98adfc4803340475ffeccefbe9fb (patch)
tree	2881fa378f32e52e7285b3fed22308bb86f1f19c /src/lib/random.c
parent	63d3aa9ab8d8b0b6d8a10362e112a431dcb5b4e9 (diff)
download	ouroboros-cbf7f953a49a98adfc4803340475ffeccefbe9fb.tar.gz ouroboros-cbf7f953a49a98adfc4803340475ffeccefbe9fb.zip