Change condition to avoid spurious compiler complaints.

X509_TRUST_get0() is checking < 0, the code here was checking == -1. Both are equivalent in this situation but gcc-12 has conniptions about a subsequent possible NULL dereference (which isn't possible). Fixes #17665 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17668) (cherry picked from commit b84c6e86dd8ca88444207080808d1d598856041f)
author: Pauli <pauli@openssl.org> 2022-02-09 11:17:57 +1100
committer: Pauli <pauli@openssl.org> 2022-02-11 13:44:33 +1100
commit: fc27d9f3af95aa33e5028c6cef8d56d1c7f17436 (patch)
tree: b9874fbf997c18425a90f1f6cd9d26491b07b6e8 /crypto
parent: b32b2167155cafc4ac133f49d9cd04a249e443c8 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/x509/x509_trust.c b/crypto/x509/x509_trust.c
index ff578aee73..0888e16c15 100644
--- a/crypto/x509/x509_trust.c
+++ b/crypto/x509/x509_trust.c
@@ -134,7 +134,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
     /* Get existing entry if any */
     idx = X509_TRUST_get_by_id(id);
     /* Need a new entry */
-    if (idx == -1) {
+    if (idx < 0) {
         if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) {
             ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
             return 0;
author	Pauli <pauli@openssl.org>	2022-02-09 11:17:57 +1100
committer	Pauli <pauli@openssl.org>	2022-02-11 13:44:33 +1100
commit	fc27d9f3af95aa33e5028c6cef8d56d1c7f17436 (patch)
tree	b9874fbf997c18425a90f1f6cd9d26491b07b6e8 /crypto
parent	b32b2167155cafc4ac133f49d9cd04a249e443c8 (diff)