diff options
author | Matt Caswell <matt@openssl.org> | 2015-05-19 15:19:30 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-05-22 23:15:02 +0100 |
commit | 7cc18d8158b5fc2676393d99b51c30c135502107 (patch) | |
tree | 45d10d9d5128ff63ade1d546f43e9b138aa9fa6e /crypto/bn/bn_shift.c | |
parent | 2c55a0bc93bf578757ec5c85bdb3abe9cf3f4893 (diff) | |
download | openssl-7cc18d8158b5fc2676393d99b51c30c135502107.tar.gz |
Reject negative shifts for BN_rshift and BN_lshift
The functions BN_rshift and BN_lshift shift their arguments to the right or
left by a specified number of bits. Unpredicatable results (including
crashes) can occur if a negative number is supplied for the shift value.
Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian
for discovering and reporting this issue.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Diffstat (limited to 'crypto/bn/bn_shift.c')
-rw-r--r-- | crypto/bn/bn_shift.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/crypto/bn/bn_shift.c b/crypto/bn/bn_shift.c index 1b38bd861a..4e43a60b22 100644 --- a/crypto/bn/bn_shift.c +++ b/crypto/bn/bn_shift.c @@ -136,6 +136,11 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) bn_check_top(r); bn_check_top(a); + if (n < 0) { + BNerr(BN_F_BN_LSHIFT, BN_R_INVALID_SHIFT); + return 0; + } + r->neg = a->neg; nw = n / BN_BITS2; if (bn_wexpand(r, a->top + nw + 1) == NULL) @@ -170,6 +175,11 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) bn_check_top(r); bn_check_top(a); + if (n < 0) { + BNerr(BN_F_BN_RSHIFT, BN_R_INVALID_SHIFT); + return 0; + } + nw = n / BN_BITS2; rb = n % BN_BITS2; lb = BN_BITS2 - rb; |