libmp: fix mpmod() aliasing bug when n == r and x < 0 (thanks aiju, mischief)
mischief found this in rsafill()'s call mpmod(c2, x, x), where d parameter is negative (rsagen created a rsa key with negative dk).
This commit is contained in:
parent
7f12431009
commit
96769e0476
|
@ -6,11 +6,15 @@ void
|
||||||
mpmod(mpint *x, mpint *n, mpint *r)
|
mpmod(mpint *x, mpint *n, mpint *r)
|
||||||
{
|
{
|
||||||
int sign;
|
int sign;
|
||||||
|
mpint *ns;
|
||||||
|
|
||||||
sign = x->sign;
|
sign = x->sign;
|
||||||
|
ns = sign < 0 && n == r ? mpcopy(n) : n;
|
||||||
if((n->flags & MPfield) == 0
|
if((n->flags & MPfield) == 0
|
||||||
|| ((Mfield*)n)->reduce((Mfield*)n, x, r) != 0)
|
|| ((Mfield*)n)->reduce((Mfield*)n, x, r) != 0)
|
||||||
mpdiv(x, n, nil, r);
|
mpdiv(x, n, nil, r);
|
||||||
if(sign < 0)
|
if(sign < 0){
|
||||||
mpmagsub(n, r, r);
|
mpmagsub(ns, r, r);
|
||||||
|
if(ns != n) mpfree(ns);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue