From cb1c3d1a2714eb69012b079053f7fbcca1acc544 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Mon, 12 Feb 2018 17:22:17 +0000 Subject: [PATCH] Make sure we check the return value of extract_min_max() Commit 42d7d7dd6 turned this function from returning void to returning an int error code. This instance of calling it was missed. Found by Coverity. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5338) --- crypto/x509v3/v3_asid.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c index 6bc4afd38c..50b8816d48 100644 --- a/crypto/x509v3/v3_asid.c +++ b/crypto/x509v3/v3_asid.c @@ -667,7 +667,9 @@ static int asid_contains(ASIdOrRanges *parent, ASIdOrRanges *child) for (;; p++) { if (p >= sk_ASIdOrRange_num(parent)) return 0; - extract_min_max(sk_ASIdOrRange_value(parent, p), &p_min, &p_max); + if (!extract_min_max(sk_ASIdOrRange_value(parent, p), &p_min, + &p_max)) + return 0; if (ASN1_INTEGER_cmp(p_max, c_max) < 0) continue; if (ASN1_INTEGER_cmp(p_min, c_min) > 0) -- 2.25.1