From e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5 Mon Sep 17 00:00:00 2001
From: Adam Langley <agl@google.com>
Date: Mon, 11 May 2015 17:20:37 -0700
Subject: external/boringssl: bump revision.

This change bumps the BoringSSL revision to the current tip-of-tree.

Change-Id: I91d5bf467e16e8d86cb19a4de873985f524e5faa
---
 src/crypto/bn/prime.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'src/crypto/bn/prime.c')

diff --git a/src/crypto/bn/prime.c b/src/crypto/bn/prime.c
index fc9a3d5..cf3afcf 100644
--- a/src/crypto/bn/prime.c
+++ b/src/crypto/bn/prime.c
@@ -659,7 +659,13 @@ again:
   /* If bits is so small that it fits into a single word then we
    * additionally don't want to exceed that many bits. */
   if (is_single_word) {
-    BN_ULONG size_limit = (((BN_ULONG)1) << bits) - get_word(rnd) - 1;
+    BN_ULONG size_limit;
+    if (bits == BN_BITS2) {
+      /* Avoid undefined behavior. */
+      size_limit = ~((BN_ULONG)0) - get_word(rnd);
+    } else {
+      size_limit = (((BN_ULONG)1) << bits) - get_word(rnd) - 1;
+    }
     if (size_limit < maxdelta) {
       maxdelta = size_limit;
     }
@@ -682,8 +688,9 @@ loop:
     for (i = 1; i < NUMPRIMES && primes[i] < rnd_word; i++) {
       if ((mods[i] + delta) % primes[i] == 0) {
         delta += 2;
-        if (delta > maxdelta)
+        if (delta > maxdelta) {
           goto again;
+        }
         goto loop;
       }
     }
@@ -693,8 +700,9 @@ loop:
        * that gcd(rnd-1,primes) == 1 (except for 2) */
       if (((mods[i] + delta) % primes[i]) <= 1) {
         delta += 2;
-        if (delta > maxdelta)
+        if (delta > maxdelta) {
           goto again;
+        }
         goto loop;
       }
     }
-- 
cgit v1.2.3