_gnutls_fbase64_decode will always return non-zerotmp-base64-reject-zero-length

That is, document that fact and update its callers to remove
checks for zero.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

4 files changed, 5 insertions, 6 deletions

diff --git a/lib/dh.c b/lib/dh.c
index 2294cb94cd..6f5d5f7a5b 100644
--- a/lib/dh.c
+++ b/lib/dh.c
@@ -441,9 +441,7 @@ gnutls_dh_params_import_pkcs3(gnutls_dh_params_t params,
 						pkcs3_params->size,
 						&_params);
 
-		if (result <= 0) {
-			if (result == 0)
-				result = GNUTLS_E_INTERNAL_ERROR;
+		if (result < 0) {
 			gnutls_assert();
 			return result;
 		}
diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c
index b22a1cf65b..955cb5ae9c 100644
--- a/lib/x509/pkcs7.c
+++ b/lib/x509/pkcs7.c
@@ -256,7 +256,7 @@ gnutls_pkcs7_import(gnutls_pkcs7_t pkcs7, const gnutls_datum_t * data,
 		    _gnutls_fbase64_decode(PEM_PKCS7, data->data,
 					   data->size, &_data);
 
-		if (result <= 0) {
+		if (result < 0) {
 			gnutls_assert();
 			return result;
 		}
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index 641b3ac461..d513b8e2fe 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -522,7 +522,7 @@ gnutls_x509_crt_import(gnutls_x509_crt_t cert,
 		    _gnutls_fbase64_decode(PEM_X509_CERT2, data->data,
 					   data->size, &cert->der);
 
-		if (result <= 0) {
+		if (result < 0) {
 			/* try for the second header */
 			result =
 			    _gnutls_fbase64_decode(PEM_X509_CERT,
diff --git a/lib/x509_b64.c b/lib/x509_b64.c
index 76924416b7..218f98a3ce 100644
--- a/lib/x509_b64.c
+++ b/lib/x509_b64.c
@@ -313,7 +313,8 @@ _gnutls_base64_decode(const uint8_t * data, size_t data_size,
 /* Searches the given string for ONE PEM encoded certificate, and
  * stores it in the result.
  *
- * The result_size is the return value
+ * The result_size (always non-zero) is the return value,
+ * or a negative error code.
  */
 #define ENDSTR "-----"
 int