diff --git a/CHANGES b/CHANGES index b8399a3500..b1ecc09d92 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,11 @@ Changes between 0.9.6d and 0.9.7 [XX xxx 2002] + *) Check the values of dna and dnb in bn_mul_recursive before calling + bn_mul_comba (a non zero value means the a or b arrays do not contain + n2 elements) and fallback to bn_mul_normal if either is not zero. + [Steve Henson] + *) Fix escaping of non-ASCII characters when using the -subj option of the "openssl req" command line tool. (Robert Joop ) [Lutz Jaenicke] diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c index 41ea925b8d..7bffc9c16a 100644 --- a/crypto/bn/bn_mul.c +++ b/crypto/bn/bn_mul.c @@ -408,16 +408,22 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, return; } # endif - if (n2 == 8) + /* Only call bn_mul_comba 8 if n2 == 8 and the + * two arrays are complete [steve] + */ + if (n2 == 8 && dna == 0 && dnb == 0) { bn_mul_comba8(r,a,b); return; } # endif /* BN_MUL_COMBA */ + /* Else do normal multiply */ if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) { - /* This should not happen */ - bn_mul_normal(r,a,n2,b,n2); + bn_mul_normal(r,a,n2+dna,b,n2+dnb); + if ((dna + dnb) < 0) + memset(&r[2*n2 + dna + dnb], 0, + sizeof(BN_ULONG) * -(dna + dnb)); return; } /* r=(a[0]-a[1])*(b[1]-b[0]) */