projects
/
BearSSL
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fixed buffer overflow in private key decoding (wrong buffer length used in size check).
[BearSSL]
/
src
/
int
/
i15_modpow2.c
diff --git
a/src/int/i15_modpow2.c
b/src/int/i15_modpow2.c
index
37073a4
..
4b32118
100644
(file)
--- a/
src/int/i15_modpow2.c
+++ b/
src/int/i15_modpow2.c
@@
-134,11
+134,11
@@
br_i15_modpow_opt(uint16_t *x,
br_i15_zero(t2, m[0]);
base = t2 + mwlen;
for (u = 1; u < ((uint32_t)1 << k); u ++) {
br_i15_zero(t2, m[0]);
base = t2 + mwlen;
for (u = 1; u < ((uint32_t)1 << k); u ++) {
- uint32_t m;
+ uint32_t m
ask
;
- m = -EQ(u, bits);
+ m
ask
= -EQ(u, bits);
for (v = 1; v < mwlen; v ++) {
for (v = 1; v < mwlen; v ++) {
- t2[v] |= m & base[v];
+ t2[v] |= m
ask
& base[v];
}
base += mwlen;
}
}
base += mwlen;
}