svn commit: r306335 - stable/9/crypto/openssl/crypto/bn
Xin LI
delphij at FreeBSD.org
Mon Sep 26 08:19:35 UTC 2016
Author: delphij
Date: Mon Sep 26 08:19:33 2016
New Revision: 306335
URL: https://svnweb.freebsd.org/changeset/base/306335
Log:
Apply upstream revision 3612ff6fcec0e3d1f2a598135fe12177c0419582:
Fix overflow check in BN_bn2dec()
Fix an off by one error in the overflow check added by 07bed46
("Check for errors in BN_bn2dec()").
This fixes a regression introduced in SA-16:26.openssl.
Submitted by: jkim
PR: 212921
Modified:
stable/9/crypto/openssl/crypto/bn/bn_print.c
Modified: stable/9/crypto/openssl/crypto/bn/bn_print.c
==============================================================================
--- stable/9/crypto/openssl/crypto/bn/bn_print.c Mon Sep 26 08:18:34 2016 (r306334)
+++ stable/9/crypto/openssl/crypto/bn/bn_print.c Mon Sep 26 08:19:33 2016 (r306335)
@@ -141,14 +141,13 @@ char *BN_bn2dec(const BIGNUM *a)
if (BN_is_negative(t))
*p++ = '-';
- i = 0;
while (!BN_is_zero(t)) {
+ if (lp - bn_data >= bn_data_num)
+ goto err;
*lp = BN_div_word(t, BN_DEC_CONV);
if (*lp == (BN_ULONG)-1)
goto err;
lp++;
- if (lp - bn_data >= bn_data_num)
- goto err;
}
lp--;
/*
More information about the svn-src-stable-9
mailing list