diff options
| author | jsing <> | 2023-02-13 04:25:37 +0000 |
|---|---|---|
| committer | jsing <> | 2023-02-13 04:25:37 +0000 |
| commit | 59402a8926d023550549cfdb576bcecdb23bb2bc (patch) | |
| tree | 3f4664b9d6259b538a970687b222189d9d59afb5 /src/lib/libcrypto/bn/bn_shift.c | |
| parent | b0f0ff7e648539633669f7fb4530b8d5fc901052 (diff) | |
| download | openbsd-59402a8926d023550549cfdb576bcecdb23bb2bc.tar.gz openbsd-59402a8926d023550549cfdb576bcecdb23bb2bc.tar.bz2 openbsd-59402a8926d023550549cfdb576bcecdb23bb2bc.zip | |
Avoid negative zero.
Whenever setting negative to one (or when it could potentially be one),
always use BN_set_negative() since it checks for a zero valued bignum and
will not permit negative to be set in this case. Since BN_is_zero()
currently relies on top == 0, call BN_set_negative() after top has been
set (or bn_correct_top() has been called).
This fixes a long standing issue where -0 and +0 have been permitted,
however multiple code paths (such as BN_cmp()) fail to treat these as
equivalent.
Prompted by Guido Vranken who is adding negative zero fuzzing to oss-fuzz.
ok tb@
Diffstat (limited to 'src/lib/libcrypto/bn/bn_shift.c')
| -rw-r--r-- | src/lib/libcrypto/bn/bn_shift.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/libcrypto/bn/bn_shift.c b/src/lib/libcrypto/bn/bn_shift.c index 5fd6687076..eee3436702 100644 --- a/src/lib/libcrypto/bn/bn_shift.c +++ b/src/lib/libcrypto/bn/bn_shift.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bn_shift.c,v 1.20 2023/01/11 04:26:24 jsing Exp $ */ | 1 | /* $OpenBSD: bn_shift.c,v 1.21 2023/02/13 04:25:37 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2022, 2023 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2022, 2023 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -83,10 +83,10 @@ bn_lshift(BIGNUM *r, const BIGNUM *a, int n) | |||
| 83 | } | 83 | } |
| 84 | 84 | ||
| 85 | r->top = count; | 85 | r->top = count; |
| 86 | r->neg = a->neg; | ||
| 87 | |||
| 88 | bn_correct_top(r); | 86 | bn_correct_top(r); |
| 89 | 87 | ||
| 88 | BN_set_negative(r, a->neg); | ||
| 89 | |||
| 90 | return 1; | 90 | return 1; |
| 91 | } | 91 | } |
| 92 | 92 | ||
| @@ -139,10 +139,10 @@ bn_rshift(BIGNUM *r, const BIGNUM *a, int n) | |||
| 139 | *dst = *src >> rshift; | 139 | *dst = *src >> rshift; |
| 140 | 140 | ||
| 141 | r->top = count; | 141 | r->top = count; |
| 142 | r->neg = a->neg; | ||
| 143 | |||
| 144 | bn_correct_top(r); | 142 | bn_correct_top(r); |
| 145 | 143 | ||
| 144 | BN_set_negative(r, a->neg); | ||
| 145 | |||
| 146 | return 1; | 146 | return 1; |
| 147 | } | 147 | } |
| 148 | 148 | ||