[openssl] openssl-3.0 update

Dr. Paul Dale pauli at openssl.org
Sun Dec 12 22:51:38 UTC 2021 

The branch openssl-3.0 has been updated
       via  bfda2e0d85fcc521544920b7bbe45c87b425ae90 (commit)
      from  792d224772f849ac23384a55499ef2377ff781d3 (commit)


- Log -----------------------------------------------------------------
commit bfda2e0d85fcc521544920b7bbe45c87b425ae90
Author: Pauli <ppzgs1 at gmail.com>
Date:   Wed Nov 24 11:38:51 2021 +1000

    Fix Coverity 1494385 logically dead code.
    
    Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/17123)
    
    (cherry picked from commit 23effeb81fbcdc436b1e871e7fff34456d6bfbaf with
    manual corrections)

-----------------------------------------------------------------------

Summary of changes:
 crypto/bn/rsaz_exp_x2.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/crypto/bn/rsaz_exp_x2.c b/crypto/bn/rsaz_exp_x2.c
index b7d11180f8..15db0c1f05 100644
--- a/crypto/bn/rsaz_exp_x2.c
+++ b/crypto/bn/rsaz_exp_x2.c
@@ -14,6 +14,7 @@
  */
 
 #include <openssl/opensslconf.h>
+#include <openssl/crypto.h>
 #include "rsaz_exp.h"
 
 #ifndef RSAZ_ENABLED
@@ -310,14 +311,23 @@ static void RSAZ_exp52x20_x2_256(BN_ULONG *out,          /* [2][20] */
 
     /* Exponentiation */
     {
-        int rem = BITSIZE_MODULUS % EXP_WIN_SIZE;
-        int delta = rem ? rem : EXP_WIN_SIZE;
+        const int rem = BITSIZE_MODULUS % EXP_WIN_SIZE;
         BN_ULONG table_idx_mask = EXP_WIN_MASK;
 
-        int exp_bit_no = BITSIZE_MODULUS - delta;
+        int exp_bit_no = BITSIZE_MODULUS - rem;
         int exp_chunk_no = exp_bit_no / 64;
         int exp_chunk_shift = exp_bit_no % 64;
 
+        /*
+         * If rem == 0, then
+         *      exp_bit_no = modulus_bitsize - exp_win_size
+         * However, this isn't possible because rem is { 1024, 1536, 2048 } % 5
+         * which is { 4, 1, 3 } respectively.
+         *
+         * If this assertion ever fails the fix above is easy.
+         */
+        OPENSSL_assert(rem != 0);
+
         /* Process 1-st exp window - just init result */
         BN_ULONG red_table_idx_0 = expz[0][exp_chunk_no];
         BN_ULONG red_table_idx_1 = expz[1][exp_chunk_no];

More information about the openssl-commits mailing list