CVS: cvs.openbsd.org: src

Joel Sing Tue, 14 Mar 2023 21:30:39 -0700

CVSROOT:        /cvs
Module name:    src
Changes by:     js...@cvs.openbsd.org   2023/03/14 22:30:20


Modified files:
        lib/libcrypto/bn: bn_exp.c 

Log message:
Ensure negative input to BN_mod_exp_mont_consttime() is correctly reduced.

A negative input to BN_mod_exp_mont_consttime() is not correctly reduced,
remaining negative (when it should be in the range [0, m)). Fix this by
unconditionally calling BN_nnmod() on the input.

Fixes ossfuzz #55997.

ok tb@

CVS: cvs.openbsd.org: src

Reply via email to