diff options
| author |   miod <miod@openbsd.org> | 2014-08-07 19:46:31 +0000 |
|---|---|---|
| committer | miod <miod@openbsd.org> | 2014-08-07 19:46:31 +0000 |
| commit | ffb772b401a7e4d8ff166372a160eb0da562824c (patch) | |
| tree | 4204be25125390a03429c66abc90c5b245fee015 /lib/libssl/src/ssl/s3_enc.c | |
| parent | Bump example pubkey filenames to /etc/signify/openbsd-56-base.pub for (diff) | |
| download | wireguard-openbsd-ffb772b401a7e4d8ff166372a160eb0da562824c.tar.xz wireguard-openbsd-ffb772b401a7e4d8ff166372a160eb0da562824c.zip | |
When you expect a function to return a particular value, don't put a comment
saying that you expect it to return that value and compare it against zero
because it is supposedly faster, for this leads to bugs (especially given the
high rate of sloppy cut'n'paste within ssl3 and dtls1 routines in this
library).
Instead, compare for the exact value it ought to return upon success.
ok deraadt@
Diffstat (limited to 'lib/libssl/src/ssl/s3_enc.c')
| -rw-r--r-- | lib/libssl/src/ssl/s3_enc.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/libssl/src/ssl/s3_enc.c b/lib/libssl/src/ssl/s3_enc.c index d9fedfbb1a2..913a256f28e 100644 --- a/lib/libssl/src/ssl/s3_enc.c +++ b/lib/libssl/src/ssl/s3_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_enc.c,v 1.52 2014/07/10 08:51:14 tedu Exp $ */ +/* $OpenBSD: s3_enc.c,v 1.53 2014/08/07 19:46:31 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -607,7 +607,7 @@ ssl3_handshake_mac(SSL *s, int md_nid, const char *sender, int len, if (!EVP_MD_CTX_copy_ex(&ctx, d)) return 0; n = EVP_MD_CTX_size(&ctx); - if (n < 0) + if (n <= 0) return 0; npad = (48 / n) * n; @@ -655,7 +655,7 @@ n_ssl3_mac(SSL *ssl, unsigned char *md, int send) } t = EVP_MD_CTX_size(hash); - if (t < 0) + if (t <= 0) return -1; md_size = t; npad = (48 / md_size) * md_size; |