From: Joshua Rogers <MegaManSec@users.noreply.github.com>
Date: Sun, 12 Oct 2025 13:39:42 +0000 (+0800)
Subject: comp/zstd: make bio_zstd_read return -1 on hard errors
X-Git-Tag: 3.6-PRE-CLANG-FORMAT-WEBKIT~96
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ff05645178049316e5aa53d665bf5c0e05eef08c;p=thirdparty%2Fopenssl.git

comp/zstd: make bio_zstd_read return -1 on hard errors

Split NULL out param from zero outl. Return -1 on malloc failure and
NULL parameter. Keep 0 only for outl <= 0 and clean EOF. This lets
callers distinguish errors from empty reads without inspecting the
error queue.

Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/28908)

(cherry picked from commit 5871953822fb02bb651abf60dfc4a0785a5a3caa)
---

diff --git a/crypto/comp/c_zstd.c b/crypto/comp/c_zstd.c
index 754df3061df..e9b14472506 100644
--- a/crypto/comp/c_zstd.c
+++ b/crypto/comp/c_zstd.c
@@ -582,7 +582,11 @@ static int bio_zstd_read(BIO *b, char *out, int outl)
     ZSTD_outBuffer outBuf;
     BIO *next = BIO_next(b);
 
-    if (out == NULL || outl <= 0)
+    if (out == NULL) {
+        ERR_raise(ERR_LIB_COMP, ERR_R_PASSED_NULL_PARAMETER);
+        return -1;
+    }
+    if (outl <= 0)
         return 0;
 
     ctx = BIO_get_data(b);
@@ -591,7 +595,7 @@ static int bio_zstd_read(BIO *b, char *out, int outl)
         ctx->decompress.buffer = OPENSSL_malloc(ctx->decompress.bufsize);
         if (ctx->decompress.buffer == NULL) {
             ERR_raise(ERR_LIB_COMP, ERR_R_MALLOC_FAILURE);
-            return 0;
+            return -1;
         }
         ctx->decompress.inbuf.src = ctx->decompress.buffer;
         ctx->decompress.inbuf.size = 0;