From: Andy Polyakov <appro@openssl.org>
Date: Sun, 25 Dec 2016 15:36:43 +0000 (+0100)
Subject: poly1305/poly1305_base2_44.c: clarify shift boundary condition.
X-Git-Tag: OpenSSL_1_1_1-pre1~2644
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=9872238eb6fb981fc7c36ba4180d193cab077b34;p=oweals%2Fopenssl.git

poly1305/poly1305_base2_44.c: clarify shift boundary condition.

Reviewed-by: Matt Caswell <matt@openssl.org>
---

diff --git a/crypto/poly1305/poly1305_base2_44.c b/crypto/poly1305/poly1305_base2_44.c
index 20365852ff..b6313d01ba 100644
--- a/crypto/poly1305/poly1305_base2_44.c
+++ b/crypto/poly1305/poly1305_base2_44.c
@@ -117,8 +117,8 @@ void poly1305_blocks(void *ctx, const unsigned char *inp, size_t len,
 
         /* "lazy" reduction step */
         h0 = (u64)d0 & 0x0fffffffffff;
-        h1 = (u64)(d1 += d0 >> 44) & 0x0fffffffffff;
-        h2 = (u64)(d2 += d1 >> 44) & 0x03ffffffffff; /* last digit is 42 bits */
+        h1 = (u64)(d1 += (u64)(d0 >> 44)) & 0x0fffffffffff;
+        h2 = (u64)(d2 += (u64)(d1 >> 44)) & 0x03ffffffffff; /* last 42 bits */
 
         c = (d2 >> 42);
         h0 += c + (c << 2);