Don't allow BIGNUMs to become so large that computations with dmax

might overflow.
author: Bodo Möller <bodo@openssl.org> 2000-12-03 09:39:04 +0000
committer: Bodo Möller <bodo@openssl.org> 2000-12-03 09:39:04 +0000
commit: 152a689cf93f2bac78c1b0d6ee24c86640ae0f34 (patch)
tree: 7493c7de70e4bbd8fe3ea01c1d705c4f523b5047 /crypto/bn/bn_lib.c
parent: 35a99b6380231992457f9e4133d3c3e509b85d0d (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 050e02bd3a..096bcf1835 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -312,6 +312,12 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
 	const BN_ULONG *B;
 	int i;
 
+	if (words > (INT_MAX/(4*BN_BITS2)))
+		{
+		BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_TOO_LARGE);
+		return NULL;
+		}
+
 	bn_check_top(b);	
 	if (BN_get_flags(b,BN_FLG_STATIC_DATA))
 		{
author	Bodo Möller <bodo@openssl.org>	2000-12-03 09:39:04 +0000
committer	Bodo Möller <bodo@openssl.org>	2000-12-03 09:39:04 +0000
commit	152a689cf93f2bac78c1b0d6ee24c86640ae0f34 (patch)
tree	7493c7de70e4bbd8fe3ea01c1d705c4f523b5047 /crypto/bn/bn_lib.c
parent	35a99b6380231992457f9e4133d3c3e509b85d0d (diff)