From: Dermot Bradley Date: Mon, 10 Apr 2023 14:25 +0100 On a failure of jent_read_entropy() where the entropy collector will be reallocated, jent_entropy_collector_free() is used to release *ec, but *ec is not set to NULL. If a failure occurs in the following call to jent_entropy_collector_ex() then the function will return with a dangling pointer remaining in *ec. Set *ec to NULL after freeing to prevent this. Upstream PR #97, already merged in master. --- diff -aur a/src/jitterentropy-base.c b/src/jitterentropy-base.c --- a/src/jitterentropy-base.c +++ b/src/jitterentropy-base.c @@ -308,6 +308,7 @@ * memory size */ jent_entropy_collector_free(*ec); + *ec = NULL; /* Perform new health test with updated OSR */ if (jent_entropy_init_ex(osr, flags))