The final patch is the following (applicable on 0.9.6g and up):
Index: crypto/bn/bn_word.c
===================================================================
RCS file: /e/openssl/cvs/openssl/crypto/bn/bn_word.c,v
retrieving revision 1.6
diff -u -u -r1.6 bn_word.c
--- crypto/bn/bn_word.c 2000/09/04 15:30:14 1.6
+++ crypto/bn/bn_word.c 2002/10/14 11:32:55
@@ -123,7 +123,10 @@
i=0;
for (;;)
{
- l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
+ if (i >= a->top)
+ l=w;
+ else
+ l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
a->d[i]=l;
if (w > l)
w=1;
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
