Skip to content
Commit c0de854c authored by Matt Caswell's avatar Matt Caswell
Browse files

Reject negative shifts for BN_rshift and BN_lshift



The functions BN_rshift and BN_lshift shift their arguments to the right or
left by a specified number of bits. Unpredicatable results (including
crashes) can occur if a negative number is supplied for the shift value.

Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian
for discovering and reporting this issue.

Reviewed-by: default avatarKurt Roeckx <kurt@openssl.org>
(cherry picked from commit 7cc18d81)

Conflicts:
	crypto/bn/bn.h
	crypto/bn/bn_err.c
parent 155ca14e
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment