Add check for BN_sub return value

CID 24839

ok jsing@ millert@ tb@

diff --git a/lib/libcrypto/rsa/rsa_eay.c b/lib/libcrypto/rsa/rsa_eay.c
index a45cad0..0f8c324 100644 (file)
--- a/lib/libcrypto/rsa/rsa_eay.c
+++ b/lib/libcrypto/rsa/rsa_eay.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_eay.c,v 1.53 2022/01/07 09:55:32 tb Exp $ */
+/* $OpenBSD: rsa_eay.c,v 1.54 2022/01/20 11:10:11 inoguchi Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -447,7 +447,8 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
                        goto err;
 
        if (padding == RSA_X931_PADDING) {
-               BN_sub(f, rsa->n, ret);
+               if (!BN_sub(f, rsa->n, ret))
+                       goto err;
                if (BN_cmp(ret, f) > 0)
                        res = f;
                else