Re: possible bug in BN_dec2bn()

2002-10-14 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Sat, 12 Oct 2002 11:04:56 -0700, David Brumley [EMAIL PROTECTED] said: dbrumley dbrumley The problem seems to be manifested in BN_dec2bn() because of dbrumley dbrumley the BN_mul_words and BN_add_words (e.g. line b). Since the dbrumley dbrumley upper parts of

Re: possible bug in BN_dec2bn()

2002-10-14 Thread Richard Levitte - VMS Whacker
The final patch is the following (applicable on 0.9.6g and up): Index: crypto/bn/bn_word.c === RCS file: /e/openssl/cvs/openssl/crypto/bn/bn_word.c,v retrieving revision 1.6 diff -u -u -r1.6 bn_word.c --- crypto/bn/bn_word.c

Re: possible bug in BN_dec2bn()

2002-10-14 Thread Bodo Moeller
On Mon, Oct 14, 2002 at 12:52:30PM +0200, Richard Levitte - VMS Whacker wrote: The problem seems to be manifested in BN_dec2bn() because of the BN_mul_words and BN_add_words (e.g. line b). Since the upper parts of d aren't cleared out, those routines end up adding to whatever junk happened

Re: possible bug in BN_dec2bn()

2002-10-14 Thread Ben Laurie
Bodo Moeller wrote: On Mon, Oct 14, 2002 at 12:52:30PM +0200, Richard Levitte - VMS Whacker wrote: The problem seems to be manifested in BN_dec2bn() because of the BN_mul_words and BN_add_words (e.g. line b). Since the upper parts of d aren't cleared out, those routines end up adding to

possible bug in BN_dec2bn()

2002-10-12 Thread David Brumley
Hi, I've discovered a possible {bug,something unexpected} in BN_dec2bn() in bn_print.c. I'll call it my problem until confirmed. System info in case it matters: openssl-0.9.6g Linux dollar 2.4.18-14 #1 Wed Sep 4 12:13:11 EDT 2002 i686 athlon i386 GNU/Linux The problem is when doing the

Re: possible bug in BN_dec2bn()

2002-10-12 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Fri, 11 Oct 2002 18:36:44 -0700, David Brumley [EMAIL PROTECTED] said: dbrumley I've discovered a possible {bug,something unexpected} in dbrumley BN_dec2bn() in bn_print.c. I'll call it my problem until dbrumley confirmed. [...] dbrumley The problem seems to be

Re: possible bug in BN_dec2bn()

2002-10-12 Thread Richard Levitte - VMS Whacker
Oh, and please tell us which version of OpenSSL you're using. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis--

Re: possible bug in BN_dec2bn()

2002-10-12 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Fri, 11 Oct 2002 18:36:44 -0700, David Brumley [EMAIL PROTECTED] said: dbrumley System info in case it matters: dbrumley openssl-0.9.6g dbrumley Linux dollar 2.4.18-14 #1 Wed Sep 4 12:13:11 EDT 2002 i686 athlon i386 dbrumley GNU/Linux Oh, never mind, you did

Re: possible bug in BN_dec2bn()

2002-10-12 Thread David Brumley
dbrumley BN_dec2bn() in bn_print.c. I'll call it my problem until dbrumley confirmed. [...] dbrumley The problem seems to be calling BN_dec2bn with an already dbrumley allocated BIGNUM that's been previously used. Inside dbrumley BN_dec2bn the code is something like: dbrumley int