From c784a838e0947fcca761ee62def7d077dc06d37f Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@openssl.org>
Date: Sat, 8 Jul 2017 12:43:55 -0400
Subject: [PATCH] Fix bug in err_string_data_cmp

Unsigned overflow.  Thanks to Brian Carpenter for reporting this.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3887)
---
 crypto/err/err.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/err/err.c b/crypto/err/err.c
index e50c6d6f9d..8d0ed6faf3 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -162,7 +162,9 @@ static unsigned long err_string_data_hash(const ERR_STRING_DATA *a)
 static int err_string_data_cmp(const ERR_STRING_DATA *a,
                                const ERR_STRING_DATA *b)
 {
-    return (int)(a->error - b->error);
+    if (a->error == b->error)
+        return 0;
+    return a->error > b->error ? 1 : -1;
 }
 
 static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d)
-- 
2.25.1