From 3c65047d30dacca345d30269b95af4a5c413e8d1 Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@akamai.com>
Date: Thu, 27 Aug 2015 17:17:26 -0400
Subject: [PATCH 1/1] Fix memory over-read

Fix from David Baggett via tweet.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 crypto/bn/bn_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index c8e8519d8b..2ca6beab36 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -553,7 +553,7 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
         return (NULL);
     bn_check_top(ret);
     /* Skip leading zero's. */
-    for ( ; *s == 0 && len > 0; s++, len--)
+    for ( ; len > 0 && *s == 0; s++, len--)
         continue;
     n = len;
     if (n == 0) {
-- 
2.34.1