The final patch is the following (applicable on 0.9.6g and up): Index: crypto/bn/bn_word.c =================================================================== RCS file: /e/openssl/cvs/openssl/crypto/bn/bn_word.c,v retrieving revision 1.6 diff -u -u -r1.6 bn_word.c --- crypto/bn/bn_word.c 2000/09/04 15:30:14 1.6 +++ crypto/bn/bn_word.c 2002/10/14 11:32:55 @@ -123,7 +123,10 @@ i=0; for (;;) { - l=(a->d[i]+(BN_ULONG)w)&BN_MASK2; + if (i >= a->top) + l=w; + else + l=(a->d[i]+(BN_ULONG)w)&BN_MASK2; a->d[i]=l; if (w > l) w=1;
-- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]