From: Andy Polyakov <appro@openssl.org>
Date: Sat, 21 Feb 2015 12:51:56 +0000 (+0100)
Subject: Avoid reading an unused byte after the buffer
X-Git-Tag: OpenSSL_1_0_1m~18
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=eadc81e7dd3fde473a9e38a57b4c29cf6b699110;p=oweals%2Fopenssl.git

Avoid reading an unused byte after the buffer

Other curves don't have this problem.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 9fbbdd73c58c29dc46cc314f7165e45e6d43fd60)
---

diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c
index 9a59ef0c19..ed09f97ade 100644
--- a/crypto/ec/ecp_nistp224.c
+++ b/crypto/ec/ecp_nistp224.c
@@ -321,7 +321,7 @@ static void bin28_to_felem(felem out, const u8 in[28])
     out[0] = *((const uint64_t *)(in)) & 0x00ffffffffffffff;
     out[1] = (*((const uint64_t *)(in + 7))) & 0x00ffffffffffffff;
     out[2] = (*((const uint64_t *)(in + 14))) & 0x00ffffffffffffff;
-    out[3] = (*((const uint64_t *)(in + 21))) & 0x00ffffffffffffff;
+    out[3] = (*((const uint64_t *)(in+20))) >> 8;
 }
 
 static void felem_to_bin28(u8 out[28], const felem in)