From 01a4aa51ed80938665d4c077171ea6b3f41a0a7a Mon Sep 17 00:00:00 2001
From: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Wed, 2 Jul 2025 22:04:09 +0200
Subject: [PATCH] Fix GH-18986: OpenSSL backend: incorrect RAND_{load,write}_file() return value check

As noted by the LibreSSL maintainer, these functions return -1 on error. This is further confirmed by my static analyzer that inferred the same thing for OpenSSL.
---
 ext/openssl/openssl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 718f946ad176d..e44bc90bbd7f8 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -1095,7 +1095,7 @@ static int php_openssl_load_rand_file(const char * file, int *egdsocket, int *se
 return SUCCESS;
 #endif
 }
- if (file == NULL || !RAND_load_file(file, -1)) {
+ if (file == NULL || RAND_load_file(file, -1) < 0) {
 if (RAND_status() == 0) {
 php_openssl_store_errors();
 php_error_docref(NULL, E_WARNING, "Unable to load random state; not enough random data!");
@@ -1122,7 +1122,7 @@ static int php_openssl_write_rand_file(const char * file, int egdsocket, int see
 file = RAND_file_name(buffer, sizeof(buffer));
 }
 PHP_OPENSSL_RAND_ADD_TIME();
- if (file == NULL || !RAND_write_file(file)) {
+ if (file == NULL || RAND_write_file(file) < 0) {
 php_openssl_store_errors();
 php_error_docref(NULL, E_WARNING, "Unable to write random state");
 return FAILURE;
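Review bot: A return of 0 now takes the success path in the first hunk, because `RAND_load_file(file, -1) < 0` rejects only the error value, where the old `!` test treated a read of zero bytes as a failure. OpenSSL documents the call as returning the number of bytes read or -1, so an empty seed file would presumably be reported as loaded; if that case should still fail, `if (file == NULL || RAND_load_file(file, -1) <= 0) {` keeps the earlier handling of 0 while adding the -1 case. The same applies to `RAND_write_file(file) < 0` in the second hunk, where a write that stored no bytes would no longer raise the "Unable to write random state" warning. Whichever comparison is kept, a short comment such as `/* returns the byte count, or -1 on error */` above each check would record why it is not a plain truth test. Both functions start and end outside their hunks, so what the success path does with the result is not visible here.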