Changes between 0.9.8k and 1.0 [xx XXX xxxx]
+ *) The function EVP_PKEY_sign() returns <=0 on error: check return code
+ correctly.
+ [Julia Lawall <julia@diku.dk>]
+
*) Update verify callback code in apps/s_cb.c and apps/verify.c, it
needlessly dereferenced structures, used obsolete functions and
didn't handle all updated verify codes correctly.
Changes between 0.9.8k and 0.9.8l [xx XXX xxxx]
+ *) The functions ENGINE_ctrl(), OPENSSL_isservice(),
+ CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error
+ fixes for a few places where the return code is not checked
+ correctly.
+ [Julia Lawall <julia@diku.dk>]
+
*) Add --strict-warnings option to Configure script to include devteam
warnings in other configurations.
[Steve Henson]
/* Generating random byte sequence. */
if (len > (int)sizeof(buf)) goto err;
- if (!RAND_bytes(buf, len)) goto err;
+ if (RAND_bytes(buf, len) <= 0) goto err;
/* Find the first non-zero byte and creating ASN1_INTEGER object. */
for (i = 0; i < len && !buf[i]; ++i);
/* Get original receipt request details */
- if (!CMS_get1_ReceiptRequest(osi, &rr))
+ if (CMS_get1_ReceiptRequest(osi, &rr) <= 0)
{
CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
goto err;
/* Get original receipt request details */
- if (!CMS_get1_ReceiptRequest(si, &rr))
+ if (CMS_get1_ReceiptRequest(si, &rr) <= 0)
{
CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
goto err;
#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
/* this -------------v--- guards NT-specific calls */
- if (GetVersion() < 0x80000000 && OPENSSL_isservice())
+ if (GetVersion() < 0x80000000 && OPENSSL_isservice() > 0)
{ HANDLE h = RegisterEventSource(0,_T("OPENSSL"));
const TCHAR *pmsg=buf;
ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0);
}
/* Force the result of the control command to 0 or 1, for the reasons
* mentioned before. */
- if (ENGINE_ctrl(e, num, i, p, f))
+ if (ENGINE_ctrl(e, num, i, p, f) > 0)
return 1;
return 0;
}
* usage of these commands is consistent across applications and
* that certain applications don't understand it one way, and
* others another. */
- if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
+ if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
return 1;
return 0;
}
if(flags & ENGINE_CMD_FLAG_STRING)
{
/* Same explanation as above */
- if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
+ if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
return 1;
return 0;
}
}
/* Force the result of the control command to 0 or 1, for the reasons
* mentioned before. */
- if(ENGINE_ctrl(e, num, l, NULL, NULL))
+ if(ENGINE_ctrl(e, num, l, NULL, NULL) > 0)
return 1;
return 0;
}
ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!RAND_bytes(salt, sLen))
+ if (RAND_bytes(salt, sLen) <= 0)
goto err;
}
maskedDBLen = emLen - hLen - 1;
__FILE__, __LINE__);
else if ( EVP_CIPHER_block_size(ds->cipher) > 1)
{
- if (!RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher)))
+ if (RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher)) <= 0)
return -1;
}
}
s->method->ssl3_enc->cert_verify_mac(s,
NID_id_GostR3411_94,
data);
- if (!EVP_PKEY_sign(pctx,signbuf,&sigsize,data,32)) {
+ if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32) <= 0) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
ERR_R_INTERNAL_ERROR);
goto err;
projects / openssl.git / commitdiff