From a94e800442957d0b5beb7f74c75ae305fef0bd01 Mon Sep 17 00:00:00 2001 From: inoguchi Date: Thu, 20 Jan 2022 10:58:35 +0000 Subject: [PATCH] Add check for EVP_CIPHER_CTX_set_key_length return value It returns 1 on success and 0 for failure, never negative value. ok jsing@ millert@ tb@ --- lib/libcrypto/cms/cms_enc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/libcrypto/cms/cms_enc.c b/lib/libcrypto/cms/cms_enc.c index fd2df99c6c1..ccbb6a5deb5 100644 --- a/lib/libcrypto/cms/cms_enc.c +++ b/lib/libcrypto/cms/cms_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cms_enc.c,v 1.20 2019/08/11 11:04:18 jsing Exp $ */ +/* $OpenBSD: cms_enc.c,v 1.21 2022/01/20 10:58:35 inoguchi Exp $ */ /* * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. @@ -151,7 +151,7 @@ cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec) if (ec->keylen != tkeylen) { /* If necessary set key length */ - if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) { + if (!EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen)) { /* * Only reveal failure if debugging so we don't leak information * which may be useful in MMA. -- 2.20.1