From: inoguchi <inoguchi@openbsd.org>
Date: Thu, 20 Jan 2022 11:10:11 +0000 (+0000)
Subject: Add check for BN_sub return value
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=cadd873e0f6e9d77f05063176add9c03a99c16df;p=openbsd

Add check for BN_sub return value

CID 24839

ok jsing@ millert@ tb@
---

diff --git a/lib/libcrypto/rsa/rsa_eay.c b/lib/libcrypto/rsa/rsa_eay.c
index a45cad0d0a9..0f8c324dccf 100644
--- a/lib/libcrypto/rsa/rsa_eay.c
+++ b/lib/libcrypto/rsa/rsa_eay.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_eay.c,v 1.53 2022/01/07 09:55:32 tb Exp $ */
+/* $OpenBSD: rsa_eay.c,v 1.54 2022/01/20 11:10:11 inoguchi Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -447,7 +447,8 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
 			goto err;
 
 	if (padding == RSA_X931_PADDING) {
-		BN_sub(f, rsa->n, ret);
+		if (!BN_sub(f, rsa->n, ret))
+			goto err;
 		if (BN_cmp(ret, f) > 0)
 			res = f;
 		else