Make BN_is_zero() check word values.

Rather than completely relying on top, check the words of a bignum.
This gets us one step away from being dependent on top and additionally
means that we correctly report zero even if top is not yet correct.

ok tb@

1 files changed, 9 insertions, 4 deletions

diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
index b792250fbc..89e2713a0f 100644
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_lib.c,v 1.75 2023/02/14 18:06:06 jsing Exp $ */
+/* $OpenBSD: bn_lib.c,v 1.76 2023/02/14 18:22:35 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -252,7 +252,6 @@ BN_num_bits(const BIGNUM *a)
 {
         int i = a->top - 1;
 
-
         if (BN_is_zero(a))
                 return 0;
         return ((i * BN_BITS2) + BN_num_bits_word(a->d[i]));
@@ -917,9 +916,15 @@ BN_abs_is_word(const BIGNUM *a, const BN_ULONG w)
 }
 
 int
-BN_is_zero(const BIGNUM *a)
+BN_is_zero(const BIGNUM *bn)
 {
-        return a->top == 0;
+        BN_ULONG bits = 0;
+        int i;
+
+        for (i = 0; i < bn->top; i++)
+                bits |= bn->d[i];
+
+        return bits == 0;
 }
 
 int