The function BIO_write can return a negative integer in an error case. The same is true of i2a_ASN1_INTEGER and i2a_ASN1_OBJECT. The result of BIO_printf is determined by the result of a call to BIO_write. Thus, in all of these cases an error should be detected by a less than or equal to zero test rather than an zero test, as done elsewhere in the file.
The semantic patch that makes this change in the BIO_write case is as follows: (http://coccinelle.lip6.fr/) // <smpl> @expression@ expression list args; @@ - BIO_write(args) == 0 + BIO_write(args) <= 0 || ... @expression@ expression list args; @@ - BIO_write(args) != 0 + BIO_write(args) > 0 || ... // </smpl> --- diff -u -p a/crypto/x509v3/v3_ocsp.c b/crypto/x509v3/v3_ocsp.c --- a/crypto/x509v3/v3_ocsp.c 2008-11-05 19:39:05.000000000 +0100 +++ b/crypto/x509v3/v3_ocsp.c 2009-09-22 15:47:13.000000000 +0200 @@ -161,21 +161,21 @@ static int i2r_ocsp_crlid(const X509V3_E OCSP_CRLID *a = in; if (a->crlUrl) { - if (!BIO_printf(bp, "%*scrlUrl: ", ind, "")) goto err; + if (BIO_printf(bp, "%*scrlUrl: ", ind, "") <= 0) goto err; if (!ASN1_STRING_print(bp, (ASN1_STRING*)a->crlUrl)) goto err; - if (!BIO_write(bp, "\n", 1)) goto err; + if (BIO_write(bp, "\n", 1) <= 0) goto err; } if (a->crlNum) { - if (!BIO_printf(bp, "%*scrlNum: ", ind, "")) goto err; - if (!i2a_ASN1_INTEGER(bp, a->crlNum)) goto err; - if (!BIO_write(bp, "\n", 1)) goto err; + if (BIO_printf(bp, "%*scrlNum: ", ind, "") <= 0) goto err; + if (i2a_ASN1_INTEGER(bp, a->crlNum) <= 0) goto err; + if (BIO_write(bp, "\n", 1) <= 0) goto err; } if (a->crlTime) { - if (!BIO_printf(bp, "%*scrlTime: ", ind, "")) goto err; + if (BIO_printf(bp, "%*scrlTime: ", ind, "") <= 0) goto err; if (!ASN1_GENERALIZEDTIME_print(bp, a->crlTime)) goto err; - if (!BIO_write(bp, "\n", 1)) goto err; + if (BIO_write(bp, "\n", 1) <= 0) goto err; } return 1; err: @@ -185,7 +185,7 @@ static int i2r_ocsp_crlid(const X509V3_E static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *cutoff, BIO *bp, int ind) { - if (!BIO_printf(bp, "%*s", ind, "")) return 0; + if (BIO_printf(bp, "%*s", ind, "") <= 0) return 0; if(!ASN1_GENERALIZEDTIME_print(bp, cutoff)) return 0; return 1; } @@ -194,8 +194,8 @@ static int i2r_ocsp_acutoff(const X509V3 static int i2r_object(const X509V3_EXT_METHOD *method, void *oid, BIO *bp, int ind) { - if (!BIO_printf(bp, "%*s", ind, "")) return 0; - if(!i2a_ASN1_OBJECT(bp, oid)) return 0; + if (BIO_printf(bp, "%*s", ind, "") <= 0) return 0; + if(i2a_ASN1_OBJECT(bp, oid) <= 0) return 0; return 1; } ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
