3 files changed, 8 insertions, 3 deletions

diff --git a/ChangeLog b/ChangeLog
index bf4500a..ad58947 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 2013-04-29  Andreas Jaeger  <aj@suse.de>
 
+	[BZ #15380]
+	* stdlib/random.c (__initstate): Return NULL if
+	__initstate fails.
+
 	[BZ# 15086]
 	* resolv/res_debug.c (p_option): Handle RES_NOALIASES,
 	RES_KEEPTSIG, RES_BLAST, RES_NOIP6DOTINT, RES_SNGLKUP,
diff --git a/NEWS b/NEWS
index 0a8e622..e0d3d74 100644
--- a/NEWS
+++ b/NEWS
@@ -15,7 +15,7 @@ Version 2.18
   15006, 15007, 15020, 15023, 15036, 15054, 15055, 15062, 15078, 15086,
   15160, 15214, 15221, 15232, 15234, 15283, 15285, 15287, 15304, 15305,
   15307, 15309, 15327, 15330, 15335, 15336, 15337, 15342, 15346, 15361,
-  15366, 15394, 15405, 15406, 15409.
+  15366, 15380, 15394, 15405, 15406, 15409.
 
 * CVE-2013-0242 Buffer overrun in regexp matcher has been fixed (Bugzilla
   #15078).
diff --git a/stdlib/random.c b/stdlib/random.c
index 3ed610d..967dec3 100644
--- a/stdlib/random.c
+++ b/stdlib/random.c
@@ -234,16 +234,17 @@ __initstate (seed, arg_state, n)
      size_t n;
 {
   int32_t *ostate;
+  int ret;
 
   __libc_lock_lock (lock);
 
   ostate = &unsafe_state.state[-1];
 
-  __initstate_r (seed, arg_state, n, &unsafe_state);
+  ret = __initstate_r (seed, arg_state, n, &unsafe_state);
 
   __libc_lock_unlock (lock);
 
-  return (char *) ostate;
+  return ret == -1 ? NULL : (char *) ostate;
 }
 
 weak_alias (__initstate, initstate)