The branch master has been updated via 7b3041eba1c6e177eede0d6311d53a6b9ff58051 (commit) from 09dca557332a2187598932388ac7bd7bbf16172b (commit)
- Log ----------------------------------------------------------------- commit 7b3041eba1c6e177eede0d6311d53a6b9ff58051 Author: Pauli <pa...@openssl.org> Date: Wed Feb 16 10:41:58 2022 +1100 x509: handle returns from X509_TRUST_get_by_id() more consistently Reviewed-by: Bernd Edlinger <bernd.edlin...@hotmail.de> Reviewed-by: Dmitry Belyavskiy <beld...@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17709) ----------------------------------------------------------------------- Summary of changes: crypto/x509/x509_trust.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/crypto/x509/x509_trust.c b/crypto/x509/x509_trust.c index bf674737f8..d3b9ad345d 100644 --- a/crypto/x509/x509_trust.c +++ b/crypto/x509/x509_trust.c @@ -72,7 +72,7 @@ int X509_check_trust(X509 *x, int id, int flags) return obj_trust(NID_anyExtendedKeyUsage, x, flags | X509_TRUST_DO_SS_COMPAT); idx = X509_TRUST_get_by_id(id); - if (idx == -1) + if (idx < 0) return default_trust(id, x, flags); pt = X509_TRUST_get0(idx); return pt->check_trust(pt, x, flags); @@ -112,7 +112,7 @@ int X509_TRUST_get_by_id(int id) int X509_TRUST_set(int *t, int trust) { - if (X509_TRUST_get_by_id(trust) == -1) { + if (X509_TRUST_get_by_id(trust) < 0) { ERR_raise(ERR_LIB_X509, X509_R_INVALID_TRUST); return 0; } @@ -162,7 +162,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), trtmp->arg2 = arg2; /* If its a new entry manage the dynamic table */ - if (idx == -1) { + if (idx < 0) { if (trtable == NULL && (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL) { ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); @@ -175,7 +175,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), } return 1; err: - if (idx == -1) { + if (idx < 0) { OPENSSL_free(trtmp->name); OPENSSL_free(trtmp); }