diff options
| author | schwarze <> | 2024-12-20 20:05:29 +0000 | 
|---|---|---|
| committer | schwarze <> | 2024-12-20 20:05:29 +0000 | 
| commit | 9588bf96d4ac4c99af7b3764a6671ddb6201ca2c (patch) | |
| tree | ac223576b2bc3306e4a017fb52725d751e2b3b4e /src/lib/libc/string/timingsafe_memcmp.c | |
| parent | a25b848bafc0c3ba6f641502653c50599b747142 (diff) | |
| download | openbsd-9588bf96d4ac4c99af7b3764a6671ddb6201ca2c.tar.gz openbsd-9588bf96d4ac4c99af7b3764a6671ddb6201ca2c.tar.bz2 openbsd-9588bf96d4ac4c99af7b3764a6671ddb6201ca2c.zip | |
If EVP_CIPHER_CTX_ctrl(3) is called on EVP_chacha20_poly1305(3)
with an unsupported control command, return -1 rather than 0
to the caller to indicate the error because in general, these
control hooks ought to return -1 for unsupported control commands
and 0 for other errors, for example other invalid arguments.
Not a big deal because this change does not change when operations
succeed or fail, and because callers are unlikely to pass unsupported
control commands in the first place.  The only functional change is that
if a calling program inspects the ERR(3) stack after this failure,
it will now find the correct error code rather than nothing.
Even that wasn't a huge problem because for most EVP_CIPHER control
failures, getting no reason for the error is the usual situation.
Then again, giving the reason when easily possible may occasionally
be useful.  OpenSSL also returns -1 in this case, so it also helps
compatibility a tiny bit.
Found while auditing the return values of all the EVP_CIPHER
control hooks in our tree.  This was the only fishy one i found.
OK tb@
Diffstat (limited to 'src/lib/libc/string/timingsafe_memcmp.c')
0 files changed, 0 insertions, 0 deletions
