bn/bn_mont.c: move boundary condition check closer to caller.

Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: David Benjamin <davidben@google.com> (Merged from https://github.com/openssl/openssl/pull/6662)
author: Andy Polyakov <appro@openssl.org> 2018-07-06 13:46:07 +0200
committer: Andy Polyakov <appro@openssl.org> 2018-07-12 14:51:55 +0200
commit: 3c97e4121ecec20cfac433883cd4709580a05620 (patch)
tree: 65c031fecab9f055478fcfe46f961453a49a0a0f /crypto/bn/bn_mont.c
parent: e42395e637c3507b80b25c7ed63236898822d2f1 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 5e068c4a1b..8e0d43642f 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -28,9 +28,9 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
 {
     BIGNUM *tmp;
     int ret = 0;
-#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD)
     int num = mont->N.top;
 
+#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD)
     if (num > 1 && a->top == num && b->top == num) {
         if (bn_wexpand(r, num) == NULL)
             return 0;
@@ -43,6 +43,9 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
     }
 #endif
 
+    if ((a->top + b->top) > 2 * num)
+        return 0;
+
     BN_CTX_start(ctx);
     tmp = BN_CTX_get(ctx);
     if (tmp == NULL)
@@ -95,8 +98,6 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
 
     /* clear the top words of T */
     i = max - r->top;
-    if (i < 0)
-        return 0;
     if (i)
         memset(&rp[r->top], 0, sizeof(*rp) * i);
author	Andy Polyakov <appro@openssl.org>	2018-07-06 13:46:07 +0200
committer	Andy Polyakov <appro@openssl.org>	2018-07-12 14:51:55 +0200
commit	3c97e4121ecec20cfac433883cd4709580a05620 (patch)
tree	65c031fecab9f055478fcfe46f961453a49a0a0f /crypto/bn/bn_mont.c
parent	e42395e637c3507b80b25c7ed63236898822d2f1 (diff)