fix: BN_swap mishandles flags (1.0.2)

Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6102)
author: Billy Brumley <bbrumley@gmail.com> 2018-04-26 19:08:59 +0300
committer: Matt Caswell <matt@openssl.org> 2018-04-27 10:02:04 +0100
commit: 98f2e513ce5c9425ec5d6316de30fdf4b5d333ee (patch)
tree: 0a1da5bfeb742e5caf3d394c74111fdc3350c89d /crypto
parent: b10794b5309a42bd3ea30d824ce1068e5189e66f (diff)
1 files changed, 6 insertions, 4 deletions
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 27b9bdbc3c..f49c61cb5d 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -503,6 +503,10 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
     return (a);
 }
 
+#define FLAGS_DATA(flags) ((flags) & (BN_FLG_STATIC_DATA \
+                                    | BN_FLG_CONSTTIME))
+#define FLAGS_STRUCT(flags) ((flags) & (BN_FLG_MALLOCED))
+
 void BN_swap(BIGNUM *a, BIGNUM *b)
 {
     int flags_old_a, flags_old_b;
@@ -530,10 +534,8 @@ void BN_swap(BIGNUM *a, BIGNUM *b)
     b->dmax = tmp_dmax;
     b->neg = tmp_neg;
 
-    a->flags =
-        (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA);
-    b->flags =
-        (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA);
+    a->flags = FLAGS_STRUCT(flags_old_a) | FLAGS_DATA(flags_old_b);
+    b->flags = FLAGS_STRUCT(flags_old_b) | FLAGS_DATA(flags_old_a);
     bn_check_top(a);
     bn_check_top(b);
 }
author	Billy Brumley <bbrumley@gmail.com>	2018-04-26 19:08:59 +0300
committer	Matt Caswell <matt@openssl.org>	2018-04-27 10:02:04 +0100
commit	98f2e513ce5c9425ec5d6316de30fdf4b5d333ee (patch)
tree	0a1da5bfeb742e5caf3d394c74111fdc3350c89d /crypto
parent	b10794b5309a42bd3ea30d824ce1068e5189e66f (diff)