From 3edd87c1dd32ee088913f8de3ab9f6579078700e Mon Sep 17 00:00:00 2001
From: samuel40791765 <sachiang@amazon.com>
Date: Wed, 8 May 2024 18:45:33 +0000
Subject: [PATCH] revert success on EOF and align with OpenSSL

---
 crypto/bio/bio.c       | 2 +-
 crypto/bio/bio_test.cc | 4 ++--
 include/openssl/bio.h  | 8 +++-----
 3 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/crypto/bio/bio.c b/crypto/bio/bio.c
index 9bf2dc1aee..fc6178d61d 100644
--- a/crypto/bio/bio.c
+++ b/crypto/bio/bio.c
@@ -198,7 +198,7 @@ int BIO_read_ex(BIO *bio, void *data, size_t data_len, size_t *read_bytes) {
   }
 
   int ret = BIO_read(bio, data, read_len);
-  if (ret >= 0) {
+  if (ret > 0) {
     *read_bytes = ret;
     return 1;
   } else {
diff --git a/crypto/bio/bio_test.cc b/crypto/bio/bio_test.cc
index eb51f37a0c..661ef0d4b7 100644
--- a/crypto/bio/bio_test.cc
+++ b/crypto/bio/bio_test.cc
@@ -1096,11 +1096,11 @@ TEST(BIOTest, ReadWriteEx) {
 
   // Test that |BIO_write/read_ex| align with their non-ex counterparts, when
   // encountering NULL data. EOF in |BIO_read| is indicated by returning 0.
-  // In AWS-LC's |BIO_read_ex|, this should return success and set |read| to 0.
+  // In |BIO_read_ex| however, EOF returns a failure and sets |read| to 0.
   EXPECT_FALSE(BIO_write(bio.get(), nullptr, 0));
   EXPECT_FALSE(BIO_write_ex(bio.get(), nullptr, 0, &written));
   EXPECT_EQ(written, (size_t)0);
   EXPECT_EQ(BIO_read(bio.get(), nullptr, 0), 0);
-  ASSERT_TRUE(BIO_read_ex(bio.get(), nullptr, 0, &read));
+  EXPECT_FALSE(BIO_read_ex(bio.get(), nullptr, 0, &read));
   EXPECT_EQ(read, (size_t)0);
 }
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index a2b63dcb9b..8b6b192a0f 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -113,11 +113,9 @@ OPENSSL_EXPORT int BIO_read(BIO *bio, void *data, int len);
 // BIO_read_ex calls |BIO_read| and stores the number of bytes read in
 // |read_bytes|. It returns one on success and zero otherwise.
 //
-// Note: OpenSSL's |BIO_read_ex| returns zero on EOF. This disallows any
-// mechanism to notify the user that an EOF has occurred and renders this API
-// unusable. See openssl/openssl#8208.
-// |BIO_read_ex| will return one for success and set |read_bytes| to 0 on EOF in
-// AWS-LC.
+// WARNING: Don't use this, use |BIO_read| instead. |BIO_read_ex| returns zero
+// on EOF, which disallows any mechanism to notify the user that an EOF has
+// occurred and renders this API unusable. See openssl/openssl#8208.
 OPENSSL_EXPORT int BIO_read_ex(BIO *bio, void *data, size_t data_len,
                                size_t *read_bytes);