diff options
author | Werner Koch <wk@gnupg.org> | 2014-05-09 12:35:15 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2014-05-09 12:36:54 +0200 |
commit | 246b7aaae1ee459f440260bbc4ec2c01c5dc3362 (patch) | |
tree | 6103218f81d4c3a42d1a83cbc86430806375ec22 /mpi | |
parent | 42f097486eb1ab92f30fdab56865eec4af685def (diff) | |
download | libgcrypt-246b7aaae1ee459f440260bbc4ec2c01c5dc3362.tar.gz |
mpi: Fix a subtle bug setting spurious bits with in mpi_set_bit.
* mpi/mpi-bit.c (_gcry_mpi_set_bit, _gcry_mpi_set_highbit): Clear
allocated but not used bits before resizing.
* tests/t-mpi-bits.c (set_bit_with_resize): New.
--
Reported-by: Martin Sewelies.
This bug is probably with us for many years. Probably due to
different memory allocation patterns, it did first revealed itself
with 1.6. It could be the reason for other heisenbugs.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'mpi')
-rw-r--r-- | mpi/mpi-bit.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/mpi/mpi-bit.c b/mpi/mpi-bit.c index fcafda04..e2170401 100644 --- a/mpi/mpi-bit.c +++ b/mpi/mpi-bit.c @@ -116,7 +116,7 @@ _gcry_mpi_test_bit( gcry_mpi_t a, unsigned int n ) void _gcry_mpi_set_bit( gcry_mpi_t a, unsigned int n ) { - unsigned int limbno, bitno; + unsigned int i, limbno, bitno; if (mpi_is_immutable (a)) { @@ -129,6 +129,8 @@ _gcry_mpi_set_bit( gcry_mpi_t a, unsigned int n ) if ( limbno >= a->nlimbs ) { + for (i=a->nlimbs; i < a->alloced; i++) + a->d[i] = 0; mpi_resize (a, limbno+1 ); a->nlimbs = limbno+1; } @@ -141,7 +143,7 @@ _gcry_mpi_set_bit( gcry_mpi_t a, unsigned int n ) void _gcry_mpi_set_highbit( gcry_mpi_t a, unsigned int n ) { - unsigned int limbno, bitno; + unsigned int i, limbno, bitno; if (mpi_is_immutable (a)) { @@ -154,6 +156,8 @@ _gcry_mpi_set_highbit( gcry_mpi_t a, unsigned int n ) if ( limbno >= a->nlimbs ) { + for (i=a->nlimbs; i < a->alloced; i++) + a->d[i] = 0; mpi_resize (a, limbno+1 ); a->nlimbs = limbno+1; } |