The function BIO_write can return a negative integer or zero in an error case. Thus, it should be tested whether it is less than or equal to zero, and not simply whether it is equal to zero, to detect errors. Other nearby calls to BIO_printf, whose return value is determined by a call to BIO_write, are already tested in this manner.
The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // <smpl> @expression@ expression list args; @@ - BIO_write(args) == 0 + BIO_write(args) <= 0 || ... @expression@ expression list args; @@ - BIO_write(args) != 0 + BIO_write(args) > 0 || ... // </smpl> --- diff -u -p a/crypto/ocsp/ocsp_prn.c b/crypto/ocsp/ocsp_prn.c --- a/crypto/ocsp/ocsp_prn.c 2007-10-13 17:51:31.000000000 +0200 +++ b/crypto/ocsp/ocsp_prn.c 2009-09-22 15:42:51.000000000 +0200 @@ -266,12 +266,12 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RE if (!ASN1_GENERALIZEDTIME_print(bp,single->nextUpdate)) goto err; } - if (!BIO_write(bp,"\n",1)) goto err; + if (BIO_write(bp,"\n",1) <= 0) goto err; if (!X509V3_extensions_print(bp, "Response Single Extensions", single->singleExtensions, flags, 8)) goto err; - if (!BIO_write(bp,"\n",1)) goto err; + if (BIO_write(bp,"\n",1) <= 0) goto err; } if (!X509V3_extensions_print(bp, "Response Extensions", rd->responseExtensions, flags, 4)) ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
