Matt Caswell

This is confirmed as a bug. The fix is in #19300. It has also been assessed as a low severity security issue (CVE-2022-3358). Since it is low severity we are...

@rapier1...please can you drop me an email regarding this on [email protected]? I don't seem to have your email address.

Needs another rebase too.

Is this ready for re-review or is there still outstanding work to be done following from my previous round of comments?

> ping @mattcaswell I know you're never going to believe me after 16 days of inactivity - but I was actually partway through reviewing this when your ping came through!!...

Ping @openssl/committers for second review

Closing since this is marked as resolved.

> To me it was new to see the performance of the rand function improved from 3.0 to 3.1 quite a bit. Also see: https://github.com/openssl/openssl/pull/20929#issuecomment-1559745547

> I just want to know whether this crash occurs due to some issue with openssl 1.0.2k-fips native code or not. There's not enough information here to work out what...

Needs rebase