Ensure that bn_expand()/bn_wexpand() fail on negative sizes.

ok tb@
author: jsing <> 2022-11-23 03:04:52 +0000
committer: jsing <> 2022-11-23 03:04:52 +0000
commit: bc4574576aa870ae46b89eb9506a76cdccea8db2 (patch)
tree: a5807adb02a41e094eba21805a53f33d802024c7 /src/lib
parent: 7b09303e41bcba8067b9975f2c3fa8ad2ef3fc33 (diff)
download: openbsd-bc4574576aa870ae46b89eb9506a76cdccea8db2.tar.gz
openbsd-bc4574576aa870ae46b89eb9506a76cdccea8db2.tar.bz2
openbsd-bc4574576aa870ae46b89eb9506a76cdccea8db2.zip
1 files changed, 7 insertions, 1 deletions
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
index 7c85e7ad08..15bbdf1273 100644
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_lib.c,v 1.58 2022/11/23 03:00:12 jsing Exp $ */
+/* $OpenBSD: bn_lib.c,v 1.59 2022/11/23 03:04:52 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -377,6 +377,9 @@ bn_expand2(BIGNUM *b, int words)
 BIGNUM *
 bn_expand(BIGNUM *a, int bits)
 {
+        if (bits < 0)
+                return (NULL);
        if (bits > (INT_MAX - BN_BITS2 + 1))
                return (NULL);
@@ -389,6 +392,9 @@ bn_expand(BIGNUM *a, int bits)
 BIGNUM *
 bn_wexpand(BIGNUM *a, int words)
 {
+        if (words < 0)
+                return NULL;
        if (words <= a->dmax)
                return a;
author	jsing <>	2022-11-23 03:04:52 +0000
committer	jsing <>	2022-11-23 03:04:52 +0000
commit	bc4574576aa870ae46b89eb9506a76cdccea8db2 (patch)
tree	a5807adb02a41e094eba21805a53f33d802024c7 /src/lib
parent	7b09303e41bcba8067b9975f2c3fa8ad2ef3fc33 (diff)
download	openbsd-bc4574576aa870ae46b89eb9506a76cdccea8db2.tar.gz openbsd-bc4574576aa870ae46b89eb9506a76cdccea8db2.tar.bz2 openbsd-bc4574576aa870ae46b89eb9506a76cdccea8db2.zip