Submitted by: Julia Lawall <julia@diku.dk>

The functions ENGINE_ctrl(), OPENSSL_isservice(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.

diff --git a/crypto/cms/cms_ess.c b/crypto/cms/cms_ess.c
index ed34ff32282a61840ac5dfbc4908d6ee527ce79b..65613aab652940a55e6464a33473c825ccb77690 100644 (file)
--- a/crypto/cms/cms_ess.c
+++ b/crypto/cms/cms_ess.c
@@ -344,7 +344,7 @@ int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
 
        /* Get original receipt request details */
 
-       if (!CMS_get1_ReceiptRequest(osi, &rr))
+       if (CMS_get1_ReceiptRequest(osi, &rr) <= 0)
                {
                CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
                goto err;
@@ -385,7 +385,7 @@ ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
 
        /* Get original receipt request details */
 
-       if (!CMS_get1_ReceiptRequest(si, &rr))
+       if (CMS_get1_ReceiptRequest(si, &rr) <= 0)
                {
                CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
                goto err;

diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
index 8f9e88e403d0b434b1cab3ac6c998ff9d287ab77..497d00363e967fdff95720571549cb17f8c77982 100644 (file)
--- a/crypto/cryptlib.c
+++ b/crypto/cryptlib.c
@@ -513,7 +513,7 @@ void OPENSSL_showfatal (const char *fmta,...)
 
 #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
     /* this -------------v--- guards NT-specific calls */
-    if (GetVersion() < 0x80000000 && OPENSSL_isservice())
+    if (GetVersion() < 0x80000000 && OPENSSL_isservice() > 0)
     {  HANDLE h = RegisterEventSource(0,_T("OPENSSL"));
        const TCHAR *pmsg=buf;
        ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0);

diff --git a/crypto/engine/eng_ctrl.c b/crypto/engine/eng_ctrl.c
index 95b6b455aaf47fe7c581dcd8b20998e6ed1bcb96..5ce25d92ec9518508b9e7c3734bf1b59ae8fcc63 100644 (file)
--- a/crypto/engine/eng_ctrl.c
+++ b/crypto/engine/eng_ctrl.c
@@ -280,7 +280,7 @@ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
                }
        /* Force the result of the control command to 0 or 1, for the reasons
         * mentioned before. */
-        if (ENGINE_ctrl(e, num, i, p, f))
+        if (ENGINE_ctrl(e, num, i, p, f) > 0)
                 return 1;
         return 0;
         }
@@ -345,7 +345,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
                 * usage of these commands is consistent across applications and
                 * that certain applications don't understand it one way, and
                 * others another. */
-               if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
+               if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
                        return 1;
                return 0;
                }
@@ -360,7 +360,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
        if(flags & ENGINE_CMD_FLAG_STRING)
                {
                /* Same explanation as above */
-               if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
+               if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
                        return 1;
                return 0;
                }
@@ -383,7 +383,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
                }
        /* Force the result of the control command to 0 or 1, for the reasons
         * mentioned before. */
-       if(ENGINE_ctrl(e, num, l, NULL, NULL))
+       if(ENGINE_ctrl(e, num, l, NULL, NULL) > 0)
                return 1;
        return 0;
        }

diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c
index 9b993aca49800e5854b0f72487509ad20522357a..2bda491a091cf7295b45560df1acef97deaace29 100644 (file)
--- a/crypto/rsa/rsa_pss.c
+++ b/crypto/rsa/rsa_pss.c
@@ -217,7 +217,7 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
                                ERR_R_MALLOC_FAILURE);
                        goto err;
                        }
-               if (!RAND_bytes(salt, sLen))
+               if (RAND_bytes(salt, sLen) <= 0)
                        goto err;
                }
        maskedDBLen = emLen - hLen - 1;

diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c
index cf3332e4e43d530a6af491d0e056fac5ecca5f90..3dfa5adba3f92fa2928262f4d665a19802147107 100644 (file)
--- a/ssl/d1_enc.c
+++ b/ssl/d1_enc.c
@@ -151,7 +151,7 @@ int dtls1_enc(SSL *s, int send)
                                        __FILE__, __LINE__);
                        else if ( EVP_CIPHER_block_size(ds->cipher) > 1)
                                {
-                               if (!RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher)))
+                               if (RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher)) <= 0)
                                        return -1;
                                }
                        }