BN_bin2bn did *not* contain an off-by-one error;

I'm still investigating what caused the segementation fault (maybe "make clean; make" will cure it ...). But BN_bin2bn should always reset ret->neg.

BN_bin2bn did not contain an off-by-one error;
I'm still investigating what caused the segementation fault (maybe "make clean; make" will cure it ...). But BN_bin2bn should always reset ret->neg.
91616729 · Bodo Möller · a08bcccc · 91616729 · 91616729
显示空白变更内容
内联并排

Showing with 2 addition and 6 deletion

CHANGES CHANGES +0 -3

crypto/bn/bn_lib.c crypto/bn/bn_lib.c +2 -3

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -3,9 +3,6 @@
 Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
-  *) BN_bin2bn bugfix (off-by-one error).
-     [Bodo Moeller]
  *) Make BN_mod_inverse faster by explicitly handling small quotients
     in the Euclid loop. (Speed gain about 20% for small moduli [256 or
     512 bits], about 30% for larger ones [1024 or 2048 bits].)

--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -585,7 +585,6 @@ int BN_set_word(BIGNUM *a, BN_ULONG w)
 	return(1);
 	}
-/* ignore negative */
 BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
 	{
 	unsigned int i,m;
@@ -605,7 +604,8 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
 		return(NULL);
 	i=((n-1)/BN_BYTES)+1;
 	m=((n-1)%(BN_BYTES));
-	ret->top=i-1;
+	ret->top=i;
+	ret->neg=0;
 	while (n-- > 0)
 		{
 		l=(l<<8L)| *(s++);
@@ -776,4 +776,3 @@ int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
 		}
 	return(0);
 	}