diff options
author | Jack Lloyd <[email protected]> | 2018-02-27 09:28:13 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-02-27 09:32:06 -0500 |
commit | 74ca458b14d265b68ad25cf918aa216b3fa51103 (patch) | |
tree | 12384690d2d3deed8201040a877d8dbf7ab4b24c /src | |
parent | 5fcc1c70d7ae2b2bac8598629e576a7a484b770a (diff) |
Fix overflow in monty_redc
OSS-Fuzz caught a bug introduced in 5fcc1c70d7a. bigint_monty_redc
assumes z is 2*p_words+2 words long. Previously the implicit rounding
up in grow_to ensured a resize would result in a sufficiently large
value.
OSS-Fuzz 6581 6588 6593
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/pubkey/ec_group/curve_gfp.cpp | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/pubkey/ec_group/curve_gfp.cpp b/src/lib/pubkey/ec_group/curve_gfp.cpp index a55741fb0..1bca04d07 100644 --- a/src/lib/pubkey/ec_group/curve_gfp.cpp +++ b/src/lib/pubkey/ec_group/curve_gfp.cpp @@ -82,7 +82,7 @@ void CurveGFp_Montgomery::curve_mul(BigInt& z, const BigInt& x, const BigInt& y, return; } - const size_t output_size = 2*m_p_words + 1; + const size_t output_size = 2*m_p_words + 2; ws.resize(2*(m_p_words+2)); if(z.size() < output_size) @@ -106,7 +106,7 @@ void CurveGFp_Montgomery::curve_sqr(BigInt& z, const BigInt& x, const size_t x_sw = x.sig_words(); BOTAN_ASSERT(x_sw <= m_p_words, "Input in range"); - const size_t output_size = 2*m_p_words + 1; + const size_t output_size = 2*m_p_words + 2; ws.resize(2*(m_p_words+2)); @@ -165,7 +165,7 @@ void CurveGFp_NIST::curve_mul(BigInt& z, const BigInt& x, const BigInt& y, } const size_t p_words = get_p_words(); - const size_t output_size = 2*p_words + 1; + const size_t output_size = 2*p_words + 2; ws.resize(2*(p_words+2)); @@ -188,7 +188,7 @@ void CurveGFp_NIST::curve_sqr(BigInt& z, const BigInt& x, } const size_t p_words = get_p_words(); - const size_t output_size = 2*p_words + 1; + const size_t output_size = 2*p_words + 2; ws.resize(2*(p_words+2)); |