author: Matt Caswell <matt@openssl.org> 2015-05-19 16:03:02 +0100
committer: Matt Caswell <matt@openssl.org> 2015-05-22 23:48:52 +0100
commit: f3b555a601d641448af8f2a7ef57c20db36f1b94 (patch)
tree: b17ae7c31634e065e7e0b940ef9ed01481d8490d /crypto/bn/bn.h
parent: c0de854c9d44569529fb562f0a193e81c395ce94 (diff)
Fix off-by-one in BN_rand

If BN_rand is called with |bits| set to 1 and |top| set to 1 then a 1 byte buffer overflow can occur. There are no such instances within the OpenSSL at the moment.

Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke, Filip Palian for discovering and reporting this issue.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Diffstat (limited to 'crypto/bn/bn.h')
-rw-r--r-- crypto/bn/bn.h 1
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
index 95dab585e8..fa3520b368 100644
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -894,6 +894,7 @@ void ERR_load_BN_strings(void);
# define BN_R_ARG2_LT_ARG3 100
# define BN_R_BAD_RECIPROCAL 101
# define BN_R_BIGNUM_TOO_LONG 114
+# define BN_R_BITS_TOO_SMALL 118
# define BN_R_CALLED_WITH_EVEN_MODULUS 102
# define BN_R_DIV_BY_ZERO 103
# define BN_R_ENCODING_ERROR 104
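Review bot: the new reason code at `+# define BN_R_BITS_TOO_SMALL 118` has nothing visible here that raises or describes it. This view is limited to crypto/bn/bn.h, so please confirm the rest of the commit contains both the argument check in BN_rand that rejects the |bits| = 1, |top| = 1 case from the commit message and the matching entry in the BN reason-string table. Otherwise the define is dead and the overflow remains. The list is ordered by name rather than by value (100, 101, 114, 118, 102, 103, 104 in this hunk), so a duplicate value is easy to miss: check that 118 is not already assigned to another BN_R_ code elsewhere in the header. Since a call that previously returned normally will now fail, the BN_rand documentation should also state the minimum |bits| accepted for each |top| value and that this reason code is set on rejection.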