generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check for invalid divisors in BN_div.

Browse Source 
Invalid zero-padding in the divisor could cause a division by 0.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit a43bcd9e96)
This commit is contained in:
Emilia Kasper 2014-12-15 14:52:22 +01:00
parent 7f9edfd23a
commit bfd19df6d0
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
crypto/bn/bn_div.c
View File

@ -189,15 +189,17 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
int no_branch=0; int no_branch=0;
/* Invalid zero-padding would have particularly bad consequences /* Invalid zero-padding would have particularly bad consequences
* in the case of 'num', so don't just rely on bn_check_top() for this one * so don't just rely on bn_check_top() here
* (bn_check_top() works only for BN_DEBUG builds) */ * (bn_check_top() works only for BN_DEBUG builds) */
if (num->top > 0 && num->d[num->top - 1] == 0) if ((num->top > 0 && num->d[num->top - 1] == 0) ||
(divisor->top > 0 && divisor->d[divisor->top - 1] == 0))
{ {
BNerr(BN_F_BN_DIV,BN_R_NOT_INITIALIZED); BNerr(BN_F_BN_DIV,BN_R_NOT_INITIALIZED);
return 0; return 0;
} }
bn_check_top(num); bn_check_top(num);
bn_check_top(divisor);
if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0)) if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0))
{ {
@ -207,7 +209,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
bn_check_top(dv); bn_check_top(dv);
bn_check_top(rm); bn_check_top(rm);
/* bn_check_top(num); */ /* 'num' has been checked already */ /* bn_check_top(num); */ /* 'num' has been checked already */
bn_check_top(divisor); /* bn_check_top(divisor); */ /* 'divisor' has been checked already */
if (BN_is_zero(divisor)) if (BN_is_zero(divisor))
{ {