Fix a bug in addr_contains() introduced in OpenSSL commit be71c372

by returning 0 instead of -1 on extract_min_max() failure. Callers would interpret -1 as success of addr_contains(). ok inoguchi jsing
author: tb <> 2022-01-05 07:28:41 +0000
committer: tb <> 2022-01-05 07:28:41 +0000
commit: 7db6eebe2275424b4cc5d4a0e511766614000000 (patch)
tree: ed2b64f212cd76694eda21ded8bcda1c90f6cd2c /src/lib
parent: ec849c4b9815a777888d75fc0a8f413a69a17752 (diff)
download: openbsd-7db6eebe2275424b4cc5d4a0e511766614000000.tar.gz
openbsd-7db6eebe2275424b4cc5d4a0e511766614000000.tar.bz2
openbsd-7db6eebe2275424b4cc5d4a0e511766614000000.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libcrypto/x509/x509_addr.c b/src/lib/libcrypto/x509/x509_addr.c
index edb85f3493..92d540dbe5 100644
--- a/src/lib/libcrypto/x509/x509_addr.c
+++ b/src/lib/libcrypto/x509/x509_addr.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: x509_addr.c,v 1.58 2022/01/04 20:52:34 tb Exp $ */
+/*      $OpenBSD: x509_addr.c,v 1.59 2022/01/05 07:28:41 tb Exp $ */
 /*
 * Contributed to the OpenSSL Project by the American Registry for
 * Internet Numbers ("ARIN").
@@ -1648,7 +1648,7 @@ addr_contains(IPAddressOrRanges *parent, IPAddressOrRanges *child, int length)
        for (c = 0; c < sk_IPAddressOrRange_num(child); c++) {
                if (!extract_min_max(sk_IPAddressOrRange_value(child, c),
                    c_min, c_max, length))
-                        return -1;
+                        return 0;
                for (;; p++) {
                        if (p >= sk_IPAddressOrRange_num(parent))
                                return 0;
author	tb <>	2022-01-05 07:28:41 +0000
committer	tb <>	2022-01-05 07:28:41 +0000
commit	7db6eebe2275424b4cc5d4a0e511766614000000 (patch)
tree	ed2b64f212cd76694eda21ded8bcda1c90f6cd2c /src/lib
parent	ec849c4b9815a777888d75fc0a8f413a69a17752 (diff)
download	openbsd-7db6eebe2275424b4cc5d4a0e511766614000000.tar.gz openbsd-7db6eebe2275424b4cc5d4a0e511766614000000.tar.bz2 openbsd-7db6eebe2275424b4cc5d4a0e511766614000000.zip

diff --git a/src/lib/libcrypto/x509/x509_addr.c b/src/lib/libcrypto/x509/x509_addr.c index edb85f3493..92d540dbe5 100644 --- a/src/lib/libcrypto/x509/x509_addr.c +++ b/src/lib/libcrypto/x509/x509_addr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509_addr.c,v 1.58 2022/01/04 20:52:34 tb Exp $ */	1	/* $OpenBSD: x509_addr.c,v 1.59 2022/01/05 07:28:41 tb Exp $ */
2	/*	2	/*
3	* Contributed to the OpenSSL Project by the American Registry for	3	* Contributed to the OpenSSL Project by the American Registry for
4	* Internet Numbers ("ARIN").	4	* Internet Numbers ("ARIN").
@@ -1648,7 +1648,7 @@ addr_contains(IPAddressOrRanges parent, IPAddressOrRanges child, int length)
1648	for (c = 0; c < sk_IPAddressOrRange_num(child); c++) {	1648	for (c = 0; c < sk_IPAddressOrRange_num(child); c++) {
1649	if (!extract_min_max(sk_IPAddressOrRange_value(child, c),	1649	if (!extract_min_max(sk_IPAddressOrRange_value(child, c),
1650	c_min, c_max, length))	1650	c_min, c_max, length))
1651	return -1;	1651	return 0;
1652	for (;; p++) {	1652	for (;; p++) {
1653	if (p >= sk_IPAddressOrRange_num(parent))	1653	if (p >= sk_IPAddressOrRange_num(parent))
1654	return 0;	1654	return 0;