diff options
author | Andy Polyakov <appro@openssl.org> | 2015-05-20 09:36:48 +0200 |
---|---|---|
committer | Andy Polyakov <appro@openssl.org> | 2015-05-24 21:31:49 +0200 |
commit | 0a59e2dc308e6d6a7078e6b3e4e714101a2db538 (patch) | |
tree | 523ddd60385b854dca782f493c2334fd9b1fd6e4 | |
parent | 0945bfcb22f1df1d89e84973f175a620adab4f0d (diff) |
bn/asm/x86_64-mont5.pl: fix valgrind error.
bn_get_bits5 was overstepping array boundary by 1 byte. It was exclusively
read overstep and data could not have been used. The only potential problem
would be if array happens to end on the very edge of last accesible page.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 69567687b0b7ed67831c17a010f4d46dfd059aef)
-rwxr-xr-x | crypto/bn/asm/x86_64-mont5.pl | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl index fa22c30b1f..820de3d6f6 100755 --- a/crypto/bn/asm/x86_64-mont5.pl +++ b/crypto/bn/asm/x86_64-mont5.pl @@ -3226,11 +3226,16 @@ $code.=<<___; .type bn_get_bits5,\@abi-omnipotent .align 16 bn_get_bits5: - mov $inp,%r10 + lea 0($inp),%r10 + lea 1($inp),%r11 mov $num,%ecx - shr \$3,$num - movzw (%r10,$num),%eax - and \$7,%ecx + shr \$4,$num + and \$15,%ecx + lea -8(%ecx),%eax + cmp \$11,%ecx + cmova %r11,%r10 + cmova %eax,%ecx + movzw (%r10,$num,2),%eax shrl %cl,%eax and \$31,%eax ret |