From 2fc9b36a96ccd77cbd9ecfb3a3cdaa7ad2ca305e Mon Sep 17 00:00:00 2001 From: Geoff Thorpe Date: Thu, 6 Oct 2016 09:02:38 -0500 Subject: [PATCH] bn: catch negative zero as an error Change-Id: I5ab72ad0aae9069b47d5b7b7b9e25bd1b7afa251 Signed-off-by: Geoff Thorpe Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/1672) --- crypto/bn/bn_lcl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h index b5be6fc814..5fb3814554 100644 --- a/crypto/bn/bn_lcl.h +++ b/crypto/bn/bn_lcl.h @@ -177,8 +177,8 @@ int RAND_bytes(unsigned char *buf, int num); do { \ const BIGNUM *_bnum2 = (a); \ if (_bnum2 != NULL) { \ - OPENSSL_assert((_bnum2->top == 0) || \ - (_bnum2->d[_bnum2->top - 1] != 0)); \ + OPENSSL_assert(((_bnum2->top == 0) && !_bnum2->neg) || \ + (_bnum2->top && (_bnum2->d[_bnum2->top - 1] != 0))); \ bn_pollute(_bnum2); \ } \ } while(0)