pub/rsa-recover.c: Give up if we run out of prime numbers.

We have a 1/2 probability of winning for each prime, and `NPRIME' is at
least 256, so the chances of us giving up on an input which we could, in
fact, factor if we persevered are negligible.  We therefore neglect them.

diff --git a/pub/rsa-recover.c b/pub/rsa-recover.c
index bc3eda2..055d969 100644 (file)
--- a/pub/rsa-recover.c
+++ b/pub/rsa-recover.c
@@ -116,6 +116,7 @@ int rsa_recover(rsa_priv *rp)
        * is a failure.
        */
 
+      if (i > NPRIME) goto out;
       aw = primetab[i++];
       z = mpmont_mul(&mm, z, &a, mm.r2);
       z = mpmont_expr(&mm, z, z, t);