The function BN_exp can return a negative integer in an error case, so its result should be checked with <= 0 rather than !.
The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // <smpl> @expression@ expression list args; @@ - BN_exp(args) == 0 + BN_exp(args) <= 0 || ... @expression@ expression list args; @@ - BN_exp(args) != 0 + BN_exp(args) > 0 || ... // </smpl> --- diff -u -p a/crypto/bn/bntest.c b/crypto/bn/bntest.c --- a/crypto/bn/bntest.c 2009-02-14 22:49:35.000000000 +0100 +++ b/crypto/bn/bntest.c 2009-09-22 15:49:57.000000000 +0200 @@ -1029,7 +1029,7 @@ int test_exp(BIO *bp, BN_CTX *ctx) BN_bntest_rand(a,20+i*5,0,0); /**/ BN_bntest_rand(b,2+i,0,0); /**/ - if (!BN_exp(d,a,b,ctx)) + if (BN_exp(d,a,b,ctx) <= 0) return(0); if (bp != NULL) ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
