From eb96e8b5fd1ad4eeae0b0330ca465ca462e0f6c1 Mon Sep 17 00:00:00 2001
From: Rob Percival <robpercival@google.com>
Date: Tue, 23 Aug 2016 17:35:14 +0100
Subject: [PATCH 1/1] Document that o2i_SCT_signature can leave the SCT in an
 inconsistent state

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
---
 crypto/ct/ct_locl.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/ct/ct_locl.h b/crypto/ct/ct_locl.h
index b65df5a57d..7adc4961b3 100644
--- a/crypto/ct/ct_locl.h
+++ b/crypto/ct/ct_locl.h
@@ -192,6 +192,8 @@ __owur int i2o_SCT_signature(const SCT *sct, unsigned char **out);
 * |in| will be advanced to the end of the signature if parsing succeeds.
 * |len| should be the length of the signature in |in|.
 * Returns the number of bytes parsed, or a negative integer if an error occurs.
+* If an error occurs, the SCT's signature NID may be updated whilst the
+* signature field itself remains unset.
 */
 __owur int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len);
 
-- 
2.34.1