From 6aea58d0eafb93e85312960b4eda01f344e29e12 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Fri, 20 Jun 2014 12:00:00 -0700 Subject: [PATCH] Check for invalid divisors in BN_div. --- crypto/bn/div.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/crypto/bn/div.c b/crypto/bn/div.c index 5f92e9e3..5fc43dca 100644 --- a/crypto/bn/div.c +++ b/crypto/bn/div.c @@ -122,8 +122,9 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, int no_branch = 0; /* Invalid zero-padding would have particularly bad consequences - * in the case of 'num'. */ - if (num->top > 0 && num->d[num->top - 1] == 0) { + * so don't just rely on bn_check_top() here */ + if ((num->top > 0 && num->d[num->top - 1] == 0) || + (divisor->top > 0 && divisor->d[divisor->top - 1] == 0)) { OPENSSL_PUT_ERROR(BN, BN_div, BN_R_NOT_INITIALIZED); return 0; }