Skip to main content

rand_egd

API Overview

RAND_egd is an API in openssl. This rule belongs to the return value check type. This rule is generated using AURC.

Rule Description

tip

RAND_egd() and RAND_egd_bytes() return the number of bytes read from the daemon on success, or -1 if the connection failed or the daemon did not return enough data to fully seed the PRNG.

info
  • Tags: return value check
  • Parameter Index: N/A
  • CWE Type: CWE-253

Rule Code

import cpp

class OpenSSLFunctionCall extends FunctionCall {
  OpenSSLFunctionCall() {
    this.getTarget().hasName("RAND_egd")
  }
}

from OpenSSLFunctionCall call, UnaryOperation uop
where
  uop.getOperator() = "!" and
  uop.getOperand() = call.getAnAccess()
select uop, "This negation checks the return value of RAND_egd."