Hi All,

I was looking at the bugs reported in the OpenSSL bignum implementation at:
http://seclists.org/fulldisclosure/2013/Dec/8

Most of them are false positives or abuse of the API/internal bignum structure. I have put some details here:
https://bugzilla.redhat.com/show_bug.cgi?id=1038999

There is only one which looks like a minor issue to me, and I have attached a patch to correct it. Consider the code snippet below:

    #include <stdio.h>
    #include <openssl/bn.h>

    int main(void)
    {
        BIGNUM *z,*o;
        BN_CTX *ctx = BN_CTX_new();
        z = BN_new();
        o = BN_new();
        BN_zero(z);
        BN_one(o);
        BN_set_negative(o, 1);   /* o is now -1 */
        BN_sqr(o, z, ctx);       /* o = z*z with z == 0; o's sign flag is left set */
        printf("%s\n", BN_bn2hex(o));
        return 0;
    }

I know it's wrong to mangle 'o' before passing it to BN_sqr, but just in case someone does this, this patch should address the problem.

commit 84a8e4cdb1a49808c44fc2ae3a1d5ef5c125c2a3
Author: Huzaifa Sidhpurwala <[email protected]>
Date: Thu Jun 19 12:33:39 2014 +0530

    Make sure BN_sqr can never return a negative number, even though the output BN is mangled

diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c index 270d0cd..7b98e1c 100644 --- a/crypto/bn/bn_sqr.c +++ b/crypto/bn/bn_sqr.c @@ -77,6 +77,7 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) if (al <= 0) { r->top=0; + r->neg=0; /* just to make sure */ return 1; }

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
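
Review bot: the comment on the added `r->neg=0;` line in the `if (al <= 0)` branch, "just to make sure", does not say what is being guarded against. State the invariant instead, for example that a zero result must not keep whatever sign flag the caller left in r, since this branch returns immediately after setting `r->top=0`. A regression test built from the snippet in the mail (zero input, r previously set negative, then a check that r is not negative after BN_sqr) would document the case and keep it from regressing.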
