From 3c97e4121ecec20cfac433883cd4709580a05620 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Fri, 6 Jul 2018 13:46:07 +0200 Subject: [PATCH] bn/bn_mont.c: move boundary condition check closer to caller. Reviewed-by: Rich Salz Reviewed-by: David Benjamin (Merged from https://github.com/openssl/openssl/pull/6662) --- crypto/bn/bn_mont.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index 5e068c4a1b..8e0d43642f 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c @@ -28,9 +28,9 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, { BIGNUM *tmp; int ret = 0; -#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD) int num = mont->N.top; +#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD) if (num > 1 && a->top == num && b->top == num) { if (bn_wexpand(r, num) == NULL) return 0; @@ -43,6 +43,9 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, } #endif + if ((a->top + b->top) > 2 * num) + return 0; + BN_CTX_start(ctx); tmp = BN_CTX_get(ctx); if (tmp == NULL) @@ -95,8 +98,6 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) /* clear the top words of T */ i = max - r->top; - if (i < 0) - return 0; if (i) memset(&rp[r->top], 0, sizeof(*rp) * i); -- 2.25.1