diff --git a/ChangeLog b/ChangeLog index 6b2c96996..63eb30f5d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,8 @@ Bugfixes * Moved mpi_inv_mod() outside POLARSSL_GENPRIME * Allow R and A to point to same mpi in mpi_div_mpi (found by Manuel Pégourié-Gonnard) + * Fixed possible segfault in mpi_shift_r() (found by Manuel + Pégourié-Gonnard) * Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1 = Version 1.2.0 released 2012-10-31 diff --git a/library/bignum.c b/library/bignum.c index 23feb6a91..f2608c1df 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -611,6 +611,9 @@ int mpi_shift_r( mpi *X, size_t count ) v0 = count / biL; v1 = count & (biL - 1); + if( v0 > X->n || ( v0 == X->n && v1 > 0 ) ) + return mpi_lset( X, 0 ); + /* * shift by count / limb_size */ diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 67fa9c3b5..7197b6301 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -309,6 +309,18 @@ mpi_shift_r:10:"128":1:10:"64" Test mpi_shift_r #2 mpi_shift_r:10:"120815570979701484704906977000760567182871429114712069861589084706550626575967516787438008593490722779337547394120718248995900363209947025063336882559539208430319216688889117222633155838468458047056355241515415159736436403445579777425189969":45:10:"3433785053053426415343295076376096153094051405637175942660777670498379921354157795219578264137985649407981651226029903483433269093721578004287291678324982297860947730012217028349628999378309630601971640587504883789518896817457" +Test mpi_shift_r #4 +mpi_shift_r:16:"FFFFFFFFFFFFFFFF":63:16:"01" + +Test mpi_shift_r #4 +mpi_shift_r:16:"FFFFFFFFFFFFFFFF":64:16:"00" + +Test mpi_shift_r #6 +mpi_shift_r:16:"FFFFFFFFFFFFFFFF":65:16:"00" + +Test mpi_shift_r #7 +mpi_shift_r:16:"FFFFFFFFFFFFFFFF":128:16:"00" + Base test mpi_mul_mpi #1 mpi_mul_mpi:10:"5":10:"7":10:"35" diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 663539259..70d9b4f18 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -162,7 +162,7 @@ mpi_set_bit:radix_X:input_X:pos:val:radix_Y:output_Y TEST_ASSERT( mpi_set_bit( &X, {pos}, {val} ) == 0 ); TEST_ASSERT( mpi_cmp_mpi( &X, &Y ) == 0 ); - mpi_free( &X ); + mpi_free( &X ); mpi_free( &Y ); } END_CASE