diff options
author | Andy Polyakov <appro@openssl.org> | 2016-11-20 23:38:12 +0100 |
---|---|---|
committer | Andy Polyakov <appro@openssl.org> | 2016-11-25 17:25:05 +0100 |
commit | edfca4e3daab653ec6db79ef1b01762db7ba1a52 (patch) | |
tree | 29acd619b5727b995e9e28a3b69135397928c19c /crypto | |
parent | ca88f01d6c84cff55032b0a39a2d128b266b6b7c (diff) |
modes/ctr128.c: fix false carry in counter increment procedure.
GH issue #1916 affects only big-endian platforms. TLS is not affected,
because TLS fragment is never big enough.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 76f572ed0469a277d92378848250b7a9705d3071)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/modes/ctr128.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/modes/ctr128.c b/crypto/modes/ctr128.c index bcafd6b6bf..d4b22728e6 100644 --- a/crypto/modes/ctr128.c +++ b/crypto/modes/ctr128.c @@ -100,7 +100,7 @@ static void ctr128_inc_aligned(unsigned char *counter) --n; d = data[n] += c; /* did addition carry? */ - c = ((d - c) ^ d) >> (sizeof(size_t) * 8 - 1); + c = ((d - c) & ~d) >> (sizeof(size_t) * 8 - 1); } while (n); } #endif |