On Mon, Oct 14, 2002 at 12:52:30PM +0200, Richard Levitte - VMS Whacker wrote:
>>>> The problem seems to be manifested in BN_dec2bn() because of >>>> the BN_mul_words and BN_add_words (e.g. line b). Since the >>>> upper parts of d aren't cleared out, those routines end up >>>> adding to whatever junk happened to be left in d from the >>>> previous iteration. > Thanks, I found the bug. It seems like BN_add_word() (and > BN_mul_word()) advances top without zeroing the next word. The result > is that the value of that next word gets added to whatever is given as > the next word to add. The simplest (and fastest, I believe) way to > handle that is to have those functions zero the next word if top > advances. Another theory is that any words in the array between 'top' and 'max' are supposed to be zero -- there's much code with the sole purpose to achieve this. The problem is that this does not *always* happen (otherwise this would not haven been a bug, and I believe there are other cases); so maybe we can say that these words are zero for aesthetical reasons, but technically are 'don't care'. -- Bodo M�ller <[EMAIL PROTECTED]> PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html * TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt * Tel. +49-6151-16-6628, Fax +49-6151-16-6036 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
