From 602d8596ebe9fa7bb93bb0fdf980d017a288e535 Mon Sep 17 00:00:00 2001
From: Tom Cosgrove <tom.cosgrove@arm.com>
Date: Thu, 29 Feb 2024 09:56:26 +0000
Subject: [PATCH] Fix overflow in bnrand()

Fixes #23704

Change-Id: I0352fdf7cbca6c9db5f2d662e0a29ac318111382
---
 crypto/bn/bn_rand.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index a94dfcecdf..6e3a4c9ef8 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -36,8 +36,8 @@ static int bnrand(BNRAND_FLAG flag, BIGNUM *rnd, int bits, int top, int bottom,
     if (bits < 0 || (bits == 1 && top > 0))
         goto toosmall;
 
-    bytes = (bits + 7) / 8;
     bit = (bits - 1) % 8;
+    bytes = bits / 8 + (14 - bit) / 8;  /* Same as (bits + 7) / 8 but can't overflow */
     mask = 0xff << (bit + 1);
 
     buf = OPENSSL_malloc(bytes);