diff options
| author | cinap_lenrek <cinap_lenrek@felloff.net> | 2017-02-05 02:48:13 +0100 |
|---|---|---|
| committer | cinap_lenrek <cinap_lenrek@felloff.net> | 2017-02-05 02:48:13 +0100 |
| commit | 96769e04765511047981e7962d91b979e841f01f (patch) | |
| tree | 50d0cbe23f6478a572429cb2cb808656241a78c0 /sys | |
| parent | 7f124310099b0ab12463b28f9d39104a8f17bc82 (diff) | |
libmp: fix mpmod() aliasing bug when n == r and x < 0 (thanks aiju, mischief)
mischief found this in rsafill()'s call mpmod(c2, x, x), where
d parameter is negative (rsagen created a rsa key with negative dk).
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/src/libmp/port/mpmod.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/sys/src/libmp/port/mpmod.c b/sys/src/libmp/port/mpmod.c index c02f72c9a..9ed17593c 100644 --- a/sys/src/libmp/port/mpmod.c +++ b/sys/src/libmp/port/mpmod.c @@ -6,11 +6,15 @@ void mpmod(mpint *x, mpint *n, mpint *r) { int sign; + mpint *ns; sign = x->sign; + ns = sign < 0 && n == r ? mpcopy(n) : n; if((n->flags & MPfield) == 0 || ((Mfield*)n)->reduce((Mfield*)n, x, r) != 0) mpdiv(x, n, nil, r); - if(sign < 0) - mpmagsub(n, r, r); + if(sign < 0){ + mpmagsub(ns, r, r); + if(ns != n) mpfree(ns); + } } |