[openssl-commits] [openssl] OpenSSL source code branch master updated. a015758d11f8fd2171a3b73be60e90bed1bd857e

Emilia Kasper emilia at openssl.org
Wed Dec 17 09:02:34 UTC 2014


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".

The branch, master has been updated
       via  a015758d11f8fd2171a3b73be60e90bed1bd857e (commit)
      from  789da2c73d875af59b14156b6295aa4bdfc4f424 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit a015758d11f8fd2171a3b73be60e90bed1bd857e
Author: Emilia Kasper <emilia at openssl.org>
Date:   Mon Dec 15 14:52:22 2014 +0100

    Check for invalid divisors in BN_div.
    
    Invalid zero-padding in the divisor could cause a division by 0.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (cherry picked from commit a43bcd9e96c5180e5c6c82164ece643c0097485e)

-----------------------------------------------------------------------

Summary of changes:
 crypto/bn/bn_div.c |    8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c
index 06d87d0..1b5c29c 100644
--- a/crypto/bn/bn_div.c
+++ b/crypto/bn/bn_div.c
@@ -190,15 +190,17 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	int no_branch=0;
 
 	/* Invalid zero-padding would have particularly bad consequences
-	 * in the case of 'num', so don't just rely on bn_check_top() for this one
+	 * so don't just rely on bn_check_top() here
 	 * (bn_check_top() works only for BN_DEBUG builds) */
-	if (num->top > 0 && num->d[num->top - 1] == 0)
+	if ((num->top > 0 && num->d[num->top - 1] == 0) ||
+		(divisor->top > 0 && divisor->d[divisor->top - 1] == 0))
 		{
 		BNerr(BN_F_BN_DIV,BN_R_NOT_INITIALIZED);
 		return 0;
 		}
 
 	bn_check_top(num);
+	bn_check_top(divisor);
 
 	if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0))
 		{
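Review bot: The reworded comment above the combined check no longer says which operands it protects ("would have particularly bad consequences so don't just rely on bn_check_top() here"); name both 'num' and 'divisor' there and state the division by 0 that the commit message gives as the reason for the divisor case. Both operands also still fail with the same BN_R_NOT_INITIALIZED error, so a caller cannot tell from the error which input was zero-padded. The summary shows only crypto/bn/bn_div.c changing, so a regression test that passes a divisor whose top word is 0 and expects BN_div to return 0 would be worth adding alongside this.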
@@ -208,7 +210,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	bn_check_top(dv);
 	bn_check_top(rm);
 	/* bn_check_top(num); */ /* 'num' has been checked already */
-	bn_check_top(divisor);
+	/* bn_check_top(divisor); */ /* 'divisor' has been checked already */
 
 	if (BN_is_zero(divisor))
 		{
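Review bot: Commenting out bn_check_top(divisor) here leaves a second dead call next to the existing commented-out bn_check_top(num), which is noise for the next reader. Consider deleting both commented-out lines and keeping a single remark that 'num' and 'divisor' are validated at function entry, so the BN_is_zero(divisor) test that follows is clearly understood to run on an already-checked divisor.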


hooks/post-receive
-- 
OpenSSL source code

