From 4442ab73d81f8e7f7813299bae0bada25990a5db Mon Sep 17 00:00:00 2001 From: tb Date: Mon, 7 Feb 2022 19:49:56 +0000 Subject: [PATCH] Avoid a NULL dereference in BN_mod_exp2_mont() This is a very rarely used function and the crash is hard to reach in practice. Instead of implementing BN_is_odd() badly by hand, just call the real thing. Reported by Guido Vranken ok beck jsing --- lib/libcrypto/bn/bn_exp2.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/libcrypto/bn/bn_exp2.c b/lib/libcrypto/bn/bn_exp2.c index 372e1ee4ee8..c63503f941b 100644 --- a/lib/libcrypto/bn/bn_exp2.c +++ b/lib/libcrypto/bn/bn_exp2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_exp2.c,v 1.12 2017/01/29 17:49:22 beck Exp $ */ +/* $OpenBSD: bn_exp2.c,v 1.13 2022/02/07 19:49:56 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -136,7 +136,7 @@ BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, bn_check_top(p2); bn_check_top(m); - if (!(m->d[0] & 1)) { + if (!BN_is_odd(m)) { BNerror(BN_R_CALLED_WITH_EVEN_MODULUS); return (0); } -- 2.20.1