Check return from BN_sub
authorPauli <paul.dale@oracle.com>
Tue, 31 Jul 2018 03:11:00 +0000 (13:11 +1000)
committerPauli <paul.dale@oracle.com>
Tue, 31 Jul 2018 03:30:29 +0000 (13:30 +1000)
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6823)

crypto/rsa/rsa_ossl.c

index feb1ab4..c441905 100644 (file)
@@ -339,7 +339,8 @@ static int rsa_ossl_private_encrypt(int flen, const unsigned char *from,
             goto err;
 
     if (padding == RSA_X931_PADDING) {
-        BN_sub(f, rsa->n, ret);
+        if (!BN_sub(f, rsa->n, ret))
+            goto err;
         if (BN_cmp(ret, f) > 0)
             res = f;
         else