From: ndossche <niels.dossche@ugent.be>
Date: Thu, 2 Feb 2023 13:02:34 +0000 (+0100)
Subject: Fix incomplete BIO_dup_state() error check
X-Git-Tag: openssl-3.2.0-alpha1~1295
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=89601c72471a4b6bbb9e877f5c54f20eceba5f01;p=thirdparty%2Fopenssl.git

Fix incomplete BIO_dup_state() error check

BIO_dup_state() returns an error code <= 0 according to my analysis tool
and the documentation. Currently only == 0 is checked. Fix it by
changing the check condition.

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20194)
---

diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c
index 4708b984fa5..2848d55934d 100644
--- a/crypto/bio/bio_lib.c
+++ b/crypto/bio/bio_lib.c
@@ -886,7 +886,7 @@ BIO *BIO_dup_chain(BIO *in)
         /* This will let SSL_s_sock() work with stdin/stdout */
         new_bio->num = bio->num;
 
-        if (!BIO_dup_state(bio, (char *)new_bio)) {
+        if (BIO_dup_state(bio, (char *)new_bio) <= 0) {
             BIO_free(new_bio);
             goto err;
         }