diff --git a/ssl/record/tls_pad.c b/ssl/record/tls_pad.c
index 528c605554741..e559350461a2a 100644
--- a/ssl/record/tls_pad.c
+++ b/ssl/record/tls_pad.c
@@ -251,7 +251,7 @@ static int ssl3_cbc_copy_mac(size_t *reclen,
     }
 
     /* Create the random MAC we will emit if padding is bad */
-    if (!RAND_bytes_ex(libctx, randmac, mac_size, 0))
+    if (RAND_bytes_ex(libctx, randmac, mac_size, 0) <= 0)
         return 0;
 
     if (!ossl_assert(mac != NULL && alloced != NULL))
diff --git a/test/provfetchtest.c b/test/provfetchtest.c
index 1d09e6a0db4dc..b1f9d08c4619d 100644
--- a/test/provfetchtest.c
+++ b/test/provfetchtest.c
@@ -213,7 +213,7 @@ static int dummy_provider_init(const OSSL_CORE_HANDLE *handle,
      * Do some work using the child libctx, to make sure this is possible from
      * inside the init function.
      */
-    if (!RAND_bytes_ex(libctx, buf, sizeof(buf), 0))
+    if (RAND_bytes_ex(libctx, buf, sizeof(buf), 0) <= 0)
         return 0;
 
     return 1;
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 722106889b63c..b06d5d7a14995 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -1337,7 +1337,7 @@ static int execute_test_ktls_sendfile(int tls_version, const char *cipher)
         goto end;
     }
 
-    if (!TEST_true(RAND_bytes_ex(libctx, buf, SENDFILE_SZ, 0)))
+    if (!TEST_int_gt(RAND_bytes_ex(libctx, buf, SENDFILE_SZ, 0), 0))
         goto end;
 
     out = BIO_new_file(tmpfilename, "wb");
diff --git a/test/tls-provider.c b/test/tls-provider.c
index f8eeaeb363b40..9ac1db51b3915 100644
--- a/test/tls-provider.c
+++ b/test/tls-provider.c
@@ -813,7 +813,7 @@ unsigned int randomize_tls_group_id(OSSL_LIB_CTX *libctx)
     int i;
 
  retry:
-    if (!RAND_bytes_ex(libctx, (unsigned char *)&group_id, sizeof(group_id), 0))
+    if (RAND_bytes_ex(libctx, (unsigned char *)&group_id, sizeof(group_id), 0) <= 0)
         return 0;
     /*
      * Ensure group_id is within the IANA Reserved for private use range