diff options
author | Tomas Mraz <tmraz@fedoraproject.org> | 2020-05-19 10:51:53 +0200 |
---|---|---|
committer | Tomas Mraz <tmraz@fedoraproject.org> | 2020-05-20 17:31:43 +0200 |
commit | 1d05eb55caa8965a151360c2469c463ecd990987 (patch) | |
tree | 7169299eedcf8781482028547e220ea2cae60b13 /crypto | |
parent | cbeb0bfa961412eebfbdf1e72900f05527e81e15 (diff) |
Avoid potential overflow to the sign bit when shifting left 24 places
Although there are platforms where int is 64 bit, 2GiB large BIGNUMs
instead of 4GiB should be "big enough for everybody".
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11857)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/bn/bn_mpi.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/bn/bn_mpi.c b/crypto/bn/bn_mpi.c index 504cddffec..d2be44e2bd 100644 --- a/crypto/bn/bn_mpi.c +++ b/crypto/bn/bn_mpi.c @@ -45,7 +45,7 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *ain) int neg = 0; BIGNUM *a = NULL; - if (n < 4) { + if (n < 4 || (d[0] & 0x80) != 0) { BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH); return NULL; } |