X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/a47e8bba76c3b1826d62c000b707b285e70e1e78..f33ba69e92f389f5884eae5a586858a629a5260b:/sshbn.c

diff --git a/sshbn.c b/sshbn.c
index 37422271..d32eb1bb 100644
--- a/sshbn.c
+++ b/sshbn.c
@@ -3,6 +3,7 @@
  */
 
 #include <stdio.h>
+#include <assert.h>
 #include <stdlib.h>
 #include <string.h>
 
@@ -133,7 +134,7 @@ static void internal_add_shifted(BignumInt *number,
     int bshift = shift % BIGNUM_INT_BITS;
     BignumDblInt addend;
 
-    addend = n << bshift;
+    addend = (BignumDblInt)n << bshift;
 
     while (addend) {
 	addend += number[word];
@@ -226,16 +227,25 @@ static void internal_mod(BignumInt *a, int alen,
 
 /*
  * Compute (base ^ exp) % mod.
- * The base MUST be smaller than the modulus.
- * The most significant word of mod MUST be non-zero.
- * We assume that the result array is the same size as the mod array.
  */
-Bignum modpow(Bignum base, Bignum exp, Bignum mod)
+Bignum modpow(Bignum base_in, Bignum exp, Bignum mod)
 {
     BignumInt *a, *b, *n, *m;
     int mshift;
     int mlen, i, j;
-    Bignum result;
+    Bignum base, result;
+
+    /*
+     * The most significant word of mod needs to be non-zero. It
+     * should already be, but let's make sure.
+     */
+    assert(mod[mod[0]] != 0);
+
+    /*
+     * Make sure the base is smaller than the modulus, by reducing
+     * it modulo the modulus if not.
+     */
+    base = bigmod(base_in, mod);
 
     /* Allocate m of size mlen, copy mod to m */
     /* We use big endian internally */
@@ -331,6 +341,8 @@ Bignum modpow(Bignum base, Bignum exp, Bignum mod)
 	n[i] = 0;
     sfree(n);
 
+    freebn(base);
+
     return result;
 }
 
@@ -528,19 +540,25 @@ Bignum bignum_from_bytes(const unsigned char *data, int nbytes)
 
 /*
  * Read an ssh1-format bignum from a data buffer. Return the number
- * of bytes consumed.
+ * of bytes consumed, or -1 if there wasn't enough data.
  */
-int ssh1_read_bignum(const unsigned char *data, Bignum * result)
+int ssh1_read_bignum(const unsigned char *data, int len, Bignum * result)
 {
     const unsigned char *p = data;
     int i;
     int w, b;
 
+    if (len < 2)
+	return -1;
+
     w = 0;
     for (i = 0; i < 2; i++)
 	w = (w << 8) + *p++;
     b = (w + 7) / 8;		       /* bits -> bytes */
 
+    if (len < b+2)
+	return -1;
+
     if (!result)		       /* just return length */
 	return b + 2;
 
@@ -729,6 +747,7 @@ Bignum bigmuladd(Bignum a, Bignum b, Bignum addend)
     }
     ret[0] = maxspot;
 
+    sfree(workspace);
     return ret;
 }
 
@@ -814,7 +833,7 @@ unsigned short bignum_mod_short(Bignum number, unsigned short modulus)
     r = 0;
     mod = modulus;
     for (i = number[0]; i > 0; i--)
-	r = (r * 65536 + number[i]) % mod;
+	r = (r * (BIGNUM_TOP_BIT % mod) * 2 + number[i] % mod) % mod;
     return (unsigned short) r;
 }
 
@@ -908,6 +927,7 @@ Bignum modinv(Bignum number, Bignum modulus)
 	x = bigmuladd(q, xp, t);
 	sign = -sign;
 	freebn(t);
+	freebn(q);
     }
 
     freebn(b);
@@ -1009,5 +1029,6 @@ char *bignum_decimal(Bignum x)
     /*
      * Done.
      */
+    sfree(workspace);
     return ret;
 }