Fix overflow in bnrand()

Fixes #23704

Change-Id: I0352fdf7cbca6c9db5f2d662e0a29ac318111382
Tom Cosgrove 2024-02-29 09:56:26 +00:00
parent 2d70cc9cec
commit 602d8596eb
1 changed files with 1 additions and 1 deletions


@ -36,8 +36,8 @@ static int bnrand(BNRAND_FLAG flag, BIGNUM *rnd, int bits, int top, int bottom,
if (bits < 0 || (bits == 1 && top > 0))
goto toosmall;
bytes = (bits + 7) / 8;
bit = (bits - 1) % 8;
bytes = bits / 8 + (14 - bit) / 8; /* Same as (bits + 7) / 8 but can't overflow */
mask = 0xff << (bit + 1);
buf = OPENSSL_malloc(bytes);
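Review bot: The new `bytes` expression equals `(bits + 7) / 8` only when `bits >= 1`, and the comment beside it does not state that precondition: for `bits == 0`, `bit` would be -1 and the result 1 rather than 0. The guard visible here rejects only negative `bits` (and `bits == 1` with `top > 0`), so the zero case is presumably handled earlier in `bnrand()`, which starts above and continues below this hunk; that is worth confirming. I would extend the comment to something like `/* bits >= 1 here, so bit is 0..7 and (14 - bit) / 8 is 1 unless bits is a multiple of 8 */`, and note that `bytes` must now be computed after `bit`. Because `bytes` sizes the `OPENSSL_malloc()` buffer, a regression test that calls the function with `bits` near `INT_MAX` under UBSan (if the allocation size is acceptable in CI) would keep the signed overflow from returning; the commit changes one file and adds no test.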