authorAdam Langley <agl@google.com>2015-05-11 17:20:37 -0700
committerKenny Root <kroot@google.com>2015-05-12 23:06:14 +0000
commite9ada863a7b3e81f5d2b1e3bdd2305da902a87f5 (patch)
tree6e43e34595ecf887c26c32b86d8ab097fe8cac64 /src/crypto/bn/prime.c
parentb3106a0cc1493bbe0505c0ec0ce3da4ca90a29ae (diff)
external/boringssl: bump revision.
This change bumps the BoringSSL revision to the current tip-of-tree. Change-Id: I91d5bf467e16e8d86cb19a4de873985f524e5faa
Diffstat (limited to 'src/crypto/bn/prime.c')
-rw-r--r--src/crypto/bn/prime.c14
1 files changed, 11 insertions, 3 deletions
diff --git a/src/crypto/bn/prime.c b/src/crypto/bn/prime.c
index fc9a3d5..cf3afcf 100644
--- a/src/crypto/bn/prime.c
+++ b/src/crypto/bn/prime.c
@@ -659,7 +659,13 @@ again:
/* If bits is so small that it fits into a single word then we
* additionally don't want to exceed that many bits. */
if (is_single_word) {
- BN_ULONG size_limit = (((BN_ULONG)1) << bits) - get_word(rnd) - 1;
+ BN_ULONG size_limit;
+ if (bits == BN_BITS2) {
+ /* Avoid undefined behavior. */
+ size_limit = ~((BN_ULONG)0) - get_word(rnd);
+ } else {
+ size_limit = (((BN_ULONG)1) << bits) - get_word(rnd) - 1;
+ }
if (size_limit < maxdelta) {
maxdelta = size_limit;
}
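Review bot: The comment `/* Avoid undefined behavior. */` in the new `bits == BN_BITS2` branch does not say which behaviour is being avoided, so a later cleanup could easily fold the two branches back into the single shift. I would spell it out, for example `/* 1 << bits is undefined when bits equals the width of BN_ULONG; 2^bits - 1 is all-ones there. */`. The guard also covers only exact equality, which is sufficient only if `is_single_word` implies `bits <= BN_BITS2`; that flag is set outside this hunk, so either confirm it there or write the test as `if (bits >= BN_BITS2) {`. The enclosing function begins and ends outside the hunk.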
@@ -682,8 +688,9 @@ loop:
for (i = 1; i < NUMPRIMES && primes[i] < rnd_word; i++) {
if ((mods[i] + delta) % primes[i] == 0) {
delta += 2;
- if (delta > maxdelta)
+ if (delta > maxdelta) {
goto again;
+ }
goto loop;
}
}
@@ -693,8 +700,9 @@ loop:
* that gcd(rnd-1,primes) == 1 (except for 2) */
if (((mods[i] + delta) % primes[i]) <= 1) {
delta += 2;
- if (delta > maxdelta)
+ if (delta > maxdelta) {
goto again;
+ }
goto loop;
}
}