[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
Matt Caswell
matt at openssl.org
Mon Aug 22 16:21:26 UTC 2016
The branch OpenSSL_1_0_1-stable has been updated
via 3612ff6fcec0e3d1f2a598135fe12177c0419582 (commit)
from cfd40fd39e69f5e3c654ae8fbf9acb1d2a051144 (commit)
- Log -----------------------------------------------------------------
commit 3612ff6fcec0e3d1f2a598135fe12177c0419582
Author: Kazuki Yamaguchi <k at rhe.jp>
Date: Mon Aug 22 02:36:36 2016 +0900
Fix overflow check in BN_bn2dec()
Fix an off by one error in the overflow check added by 07bed46f332fc
("Check for errors in BN_bn2dec()").
Reviewed-by: Stephen Henson <steve at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(cherry picked from commit 099e2968ed3c7d256cda048995626664082b1b30)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_print.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c
index b44403e..a9ff271 100644
--- a/crypto/bn/bn_print.c
+++ b/crypto/bn/bn_print.c
@@ -141,14 +141,13 @@ char *BN_bn2dec(const BIGNUM *a)
if (BN_is_negative(t))
*p++ = '-';
- i = 0;
while (!BN_is_zero(t)) {
+ if (lp - bn_data >= bn_data_num)
+ goto err;
*lp = BN_div_word(t, BN_DEC_CONV);
if (*lp == (BN_ULONG)-1)
goto err;
lp++;
- if (lp - bn_data >= bn_data_num)
- goto err;
}
lp--;
/*
More information about the openssl-commits
mailing list