From 7246869f7bf4069fd46eaa78fde65d0879dbfdcd Mon Sep 17 00:00:00 2001 From: mdw Date: Mon, 7 May 2001 17:31:19 +0000 Subject: [PATCH] Fix off-by one bug in mprand_range. Probably security critical: the old code generated numbers between zero and the highest power of 2 less than the given range. --- mprand.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/mprand.c b/mprand.c index d4acbb3..46e603c 100644 --- a/mprand.c +++ b/mprand.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mprand.c,v 1.3 2000/06/17 11:45:09 mdw Exp $ + * $Id: mprand.c,v 1.4 2001/05/07 17:31:19 mdw Exp $ * * Generate a random multiprecision integer * @@ -30,6 +30,11 @@ /*----- Revision history --------------------------------------------------* * * $Log: mprand.c,v $ + * Revision 1.4 2001/05/07 17:31:19 mdw + * Fix off-by one bug in mprand_range. Probably security critical: the old + * code generated numbers between zero and the highest power of 2 less than + * the given range. + * * Revision 1.3 2000/06/17 11:45:09 mdw * Major memory management overhaul. Added arena support. Use the secure * arena for secret integers. Replace and improve the MP management macros @@ -137,7 +142,7 @@ mp *mprand_range(mp *d, mp *l, grand *r, mpw or) * As usual, the number of iterations expected is two. */ - b = (b - 1) & 7; + b = ((b - 1) & 7) + 1; m = (1 << b) - 1; do { r->ops->fill(r, v, sz); -- 2.11.0