From a8af1ac53edacc13d47dd5ab6ca33b6b90f9f537 Mon Sep 17 00:00:00 2001 From: Kaz Kylheku Date: Fri, 21 May 2021 06:51:20 -0700 Subject: mpi: bug in range test predictes. * mpi/mpi.c (mp_in_range, s_mp_in_big_range): The ptrnd calculation here is wrong; it adds together dissimilar units: bits and bytes. In the case of mp_in_range, we are okay by fluke, because the calculation works out to 1 anyway. We would not be okay of a mp_digit was half the size of a pointer. In s_mp_in_big_range we have a problem. On 32 bit platforms, ptrnd is wrongly calculated as 1 rather than 2, and so values perfectly in range are rejected. --- mpi/mpi.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'mpi') diff --git a/mpi/mpi.c b/mpi/mpi.c index ad925c68..b49b93dc 100644 --- a/mpi/mpi.c +++ b/mpi/mpi.c @@ -455,7 +455,7 @@ mp_err mp_get_intptr(mp_int *mp, int_ptr_t *z) int mp_in_range(mp_int *mp, uint_ptr_t lim, int unsig) { - const unsigned ptrnd = (SIZEOF_PTR + MP_DIGIT_BIT - 1) / MP_DIGIT_BIT; + const unsigned ptrnd = (SIZEOF_PTR + MP_DIGIT_SIZE - 1) / MP_DIGIT_SIZE; mp_size nd = USED(mp); int neg = ISNEG(mp); @@ -561,13 +561,13 @@ mp_err mp_get_double_intptr(mp_int *mp, double_intptr_t *z) double_uintptr_t tmp = 0; mp_get_double_uintptr(mp, &tmp); /* Reliance on bitwise unsigned to two's complement conversion */ - *z = convert(int_ptr_t, tmp); + *z = convert(double_intptr_t, tmp); return MP_OKAY; } static int s_mp_in_big_range(mp_int *mp, double_uintptr_t lim, int unsig) { - const unsigned ptrnd = (SIZEOF_DOUBLE_INTPTR + MP_DIGIT_BIT - 1) / MP_DIGIT_BIT; + const unsigned ptrnd = (SIZEOF_DOUBLE_INTPTR + MP_DIGIT_SIZE - 1) / MP_DIGIT_SIZE; mp_size nd = USED(mp); if (unsig && ISNEG(mp)) -- cgit v1.2.3