diff options
| author | Matt Caswell <matt@openssl.org> | 2015-05-19 15:19:30 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2015-05-22 23:15:02 +0100 |
| commit | 7cc18d8158b5fc2676393d99b51c30c135502107 (patch) | |
| tree | 45d10d9d5128ff63ade1d546f43e9b138aa9fa6e /include/openssl/bn.h | |
| parent | 2c55a0bc93bf578757ec5c85bdb3abe9cf3f4893 (diff) | |
| download | openssl-new-7cc18d8158b5fc2676393d99b51c30c135502107.tar.gz | |
Reject negative shifts for BN_rshift and BN_lshift
The functions BN_rshift and BN_lshift shift their arguments to the right or
left by a specified number of bits. Unpredicatable results (including
crashes) can occur if a negative number is supplied for the shift value.
Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian
for discovering and reporting this issue.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Diffstat (limited to 'include/openssl/bn.h')
| -rw-r--r-- | include/openssl/bn.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/include/openssl/bn.h b/include/openssl/bn.h index 9c53aaf05a..44f17374f2 100644 --- a/include/openssl/bn.h +++ b/include/openssl/bn.h @@ -711,6 +711,7 @@ void ERR_load_BN_strings(void); # define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135 # define BN_F_BN_GF2M_MOD_SQR 136 # define BN_F_BN_GF2M_MOD_SQRT 137 +# define BN_F_BN_LSHIFT 145 # define BN_F_BN_MOD_EXP2_MONT 118 # define BN_F_BN_MOD_EXP_MONT 109 # define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 @@ -726,6 +727,7 @@ void ERR_load_BN_strings(void); # define BN_F_BN_NEW 113 # define BN_F_BN_RAND 114 # define BN_F_BN_RAND_RANGE 122 +# define BN_F_BN_RSHIFT 146 # define BN_F_BN_SET_WORDS 144 # define BN_F_BN_USUB 115 @@ -741,6 +743,7 @@ void ERR_load_BN_strings(void); # define BN_R_INPUT_NOT_REDUCED 110 # define BN_R_INVALID_LENGTH 106 # define BN_R_INVALID_RANGE 115 +# define BN_R_INVALID_SHIFT 119 # define BN_R_NOT_A_SQUARE 111 # define BN_R_NOT_INITIALIZED 107 # define BN_R_NO_INVERSE 108 |