---------- Forwarded message ---------- Date: Sun, 13 Sep 2009 11:14:00 +0200 (CEST) From: Julia Lawall <ju...@diku.dk> Reply-To: openssl-dev@openssl.org To: openssl-dev@openssl.org, Rene Rydhof Hansen <r...@cs.aau.dk> Cc: z...@google.com, Gilles Muller - lip6 <gilles.mul...@lip6.fr> Subject: [PATCH] use of EVP_PKEY_sign
The function EVP_PKEY_sign can explicitly return -1 or -2 in the case of error. Therefore, the error checking code should check whether the result is less than or equal to 0, and not just whether it is equal to zero. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // <smpl> @expression@ expression list args; @@ - EVP_PKEY_sign(args) == 0 + EVP_PKEY_sign(args) <= 0 || ... @expression@ expression list args; @@ - EVP_PKEY_sign(args) != 0 + EVP_PKEY_sign(args) > 0 || ... // </smpl> --- diff -u -p a/ssl/s3_clnt.c b/ssl/s3_clnt.c --- a/ssl/s3_clnt.c 2009-06-16 19:02:56.000000000 +0200 +++ b/ssl/s3_clnt.c 2009-09-12 11:26:04.000000000 +0200 @@ -2707,7 +2707,7 @@ int ssl3_send_client_verify(SSL *s) s->method->ssl3_enc->cert_verify_mac(s, NID_id_GostR3411_94, data); - if (!EVP_PKEY_sign(pctx,signbuf,&sigsize,data,32)) { + if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32) <= 0) { SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR); goto err; ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
