From 0fdd71f98152d655a9c157458a202cbb03b019c9 Mon Sep 17 00:00:00 2001
From: miod <>
Date: Fri, 27 Jun 2014 22:02:07 +0000
Subject: When building a BN on the stack in BN_div(), make sure to initialize
 all its fields (i.e. the flags field) before using it. This is currently
 harmless, but might not be if we end up invoking other BN functions checking
 for constant-time processing requirement in the future.

---
 src/lib/libcrypto/bn/bn_div.c         | 3 ++-
 src/lib/libssl/src/crypto/bn/bn_div.c | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c
index 3774a63611..2f45a412b4 100644
--- a/src/lib/libcrypto/bn/bn_div.c
+++ b/src/lib/libcrypto/bn/bn_div.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_div.c,v 1.19 2014/06/12 15:49:28 deraadt Exp $ */
+/* $OpenBSD: bn_div.c,v 1.20 2014/06/27 22:02:07 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -209,6 +209,7 @@ BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	wnum.top = div_n;
 	/* only needed when BN_ucmp messes up the values between top and max */
 	wnum.dmax  = snum->dmax - loop; /* so we don't step out of bounds */
+	wnum.flags = snum->flags | BN_FLG_STATIC_DATA;
 
 	/* Get the top 2 words of sdiv */
 	/* div_n=sdiv->top; */
diff --git a/src/lib/libssl/src/crypto/bn/bn_div.c b/src/lib/libssl/src/crypto/bn/bn_div.c
index 3774a63611..2f45a412b4 100644
--- a/src/lib/libssl/src/crypto/bn/bn_div.c
+++ b/src/lib/libssl/src/crypto/bn/bn_div.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_div.c,v 1.19 2014/06/12 15:49:28 deraadt Exp $ */
+/* $OpenBSD: bn_div.c,v 1.20 2014/06/27 22:02:07 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -209,6 +209,7 @@ BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	wnum.top = div_n;
 	/* only needed when BN_ucmp messes up the values between top and max */
 	wnum.dmax  = snum->dmax - loop; /* so we don't step out of bounds */
+	wnum.flags = snum->flags | BN_FLG_STATIC_DATA;
 
 	/* Get the top 2 words of sdiv */
 	/* div_n=sdiv->top; */
-- 
cgit v1.2.3-55-g6feb