The function BIO_ctrl can return a negative integer in an error case. In the same file, some calls to similar functions, eg BIO_flush, are checked as though both negative and zero error values are possible.
The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // <smpl> @expression@ expression list args; @@ - BIO_ctrl(args) == 0 + BIO_ctrl(args) <= 0 || ... @expression@ expression list args; @@ - BIO_ctrl(args) != 0 + BIO_ctrl(args) > 0 || ... // </smpl> --- diff -u -p a/ssl/d1_both.c b/ssl/d1_both.c --- a/ssl/d1_both.c 2009-08-12 16:06:27.000000000 +0200 +++ b/ssl/d1_both.c 2009-09-22 16:13:23.000000000 +0200 @@ -279,7 +279,7 @@ int dtls1_do_write(SSL *s, int type) * retransmit */ if ( BIO_ctrl(SSL_get_wbio(s), - BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL)) + BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0 ) s->d1->mtu = BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL); else ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
