openssl: Sync with upstream 1.0.2l

author: Rémi Verschelde <rverschelde@gmail.com> 2017-05-27 17:50:43 +0200
committer: Rémi Verschelde <rverschelde@gmail.com> 2017-05-27 19:08:07 +0200
commit: 67305d1b0a6dbcdb032d5a5a0e92122cf8f10b8d (patch)
tree: 3502be2b2ae57c73fa21bd7b4a20dc02aab3aa06 /thirdparty/openssl/crypto/bn/bn_word.c
parent: 996f1ae29e8d9bd2719f0dc72bfde6a8d77b1b12 (diff)
1 files changed, 22 insertions, 0 deletions
diff --git a/thirdparty/openssl/crypto/bn/bn_word.c b/thirdparty/openssl/crypto/bn/bn_word.c
index b031a60b5b..9b5f9cb98c 100644
--- a/thirdparty/openssl/crypto/bn/bn_word.c
+++ b/thirdparty/openssl/crypto/bn/bn_word.c
@@ -72,10 +72,32 @@ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
     if (w == 0)
         return (BN_ULONG)-1;
 
+#ifndef BN_LLONG
+    /*
+     * If |w| is too long and we don't have BN_ULLONG then we need to fall
+     * back to using BN_div_word
+     */
+    if (w > ((BN_ULONG)1 << BN_BITS4)) {
+        BIGNUM *tmp = BN_dup(a);
+        if (tmp == NULL)
+            return (BN_ULONG)-1;
+
+        ret = BN_div_word(tmp, w);
+        BN_free(tmp);
+
+        return ret;
+    }
+#endif
+
     bn_check_top(a);
     w &= BN_MASK2;
     for (i = a->top - 1; i >= 0; i--) {
 #ifndef BN_LLONG
+        /*
+         * We can assume here that | w <= ((BN_ULONG)1 << BN_BITS4) | and so
+         * | ret < ((BN_ULONG)1 << BN_BITS4) | and therefore the shifts here are
+         * safe and will not overflow
+         */
         ret = ((ret << BN_BITS4) | ((a->d[i] >> BN_BITS4) & BN_MASK2l)) % w;
         ret = ((ret << BN_BITS4) | (a->d[i] & BN_MASK2l)) % w;
 #else
author	Rémi Verschelde <rverschelde@gmail.com>	2017-05-27 17:50:43 +0200
committer	Rémi Verschelde <rverschelde@gmail.com>	2017-05-27 19:08:07 +0200
commit	67305d1b0a6dbcdb032d5a5a0e92122cf8f10b8d (patch)
tree	3502be2b2ae57c73fa21bd7b4a20dc02aab3aa06 /thirdparty/openssl/crypto/bn/bn_word.c
parent	996f1ae29e8d9bd2719f0dc72bfde6a8d77b1b12 (diff)