From d21ecd71c0227c39178375c8204f63ff7b5987ec Mon Sep 17 00:00:00 2001 From: ihsinme Date: Tue, 8 Nov 2022 14:30:45 +0300 Subject: [PATCH] dh_genprime: Fix issue where the error code returned by mbedtls_mpi_write_file() is incorrectly reported on failure In 'dh_genprime.c', the following condition can be found inside an 'if' statement: ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) != 0 As the '!=' operator binds closer than the assignment operator ('='), the value assigned to 'ret' will be the boolean result of the comparison (0 or 1) instead of the status code returned by 'mbedtls_mpi_write_file'. This means that the above statement is actually equivalent to: ret = ( mbedtls_mpi_write_file( "P = ", &P, 16, fout ) != 0 ) What we want instead is for the the status code to be assigned to 'ret'. If the value assigned is non-zero, it will be 'truthy' and the 'if' branch will be taken. ( ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) ) != 0 This PR fixes the issue by explicitly specifying the precedence of operations with parentheses. Signed-off-by: ihsinme --- programs/pkey/dh_genprime.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index 2e696e574..331838bb4 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -157,8 +157,8 @@ int main( int argc, char **argv ) goto exit; } - if( ( ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) != 0 ) || - ( ret = mbedtls_mpi_write_file( "G = ", &G, 16, fout ) != 0 ) ) + if( ( ( ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) ) != 0 ) || + ( ( ret = mbedtls_mpi_write_file( "G = ", &G, 16, fout ) ) != 0 ) ) { mbedtls_printf( " failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret ); fclose( fout );