From: Rich Salz <rsalz@akamai.com>
Date: Thu, 27 Aug 2015 21:17:26 +0000 (-0400)
Subject: Fix memory over-read
X-Git-Tag: OpenSSL_1_1_0-pre1~770
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=3c65047d30dacca345d30269b95af4a5c413e8d1;p=oweals%2Fopenssl.git

Fix memory over-read

Fix from David Baggett via tweet.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
---

diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index c8e8519d8b..2ca6beab36 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -553,7 +553,7 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
         return (NULL);
     bn_check_top(ret);
     /* Skip leading zero's. */
-    for ( ; *s == 0 && len > 0; s++, len--)
+    for ( ; len > 0 && *s == 0; s++, len--)
         continue;
     n = len;
     if (n == 0) {