From be1c32e4fa4b1b23ec06fbba9266e0f67f20913f Mon Sep 17 00:00:00 2001 From: drochner Date: Thu, 22 Apr 2010 14:28:48 +0000 Subject: fix an obvious flaw in bounds check: the array of precomputed primes could be overrun if its last entry (65537) was a factor of the input (this does not affect PR misc/43192 -- the factors are much larger here: 7742394596501*159455563099482401) --- factor/factor.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'factor') diff --git a/factor/factor.c b/factor/factor.c index c7913a54..670e8968 100644 --- a/factor/factor.c +++ b/factor/factor.c @@ -1,4 +1,4 @@ -/* $NetBSD: factor.c,v 1.19 2009/08/12 05:54:31 dholland Exp $ */ +/* $NetBSD: factor.c,v 1.20 2010/04/22 14:28:48 drochner Exp $ */ /* * Copyright (c) 1989, 1993 @@ -42,7 +42,7 @@ __COPYRIGHT("@(#) Copyright (c) 1989, 1993\ #if 0 static char sccsid[] = "@(#)factor.c 8.4 (Berkeley) 5/4/95"; #else -__RCSID("$NetBSD: factor.c,v 1.19 2009/08/12 05:54:31 dholland Exp $"); +__RCSID("$NetBSD: factor.c,v 1.20 2010/04/22 14:28:48 drochner Exp $"); #endif #endif /* not lint */ @@ -214,10 +214,11 @@ pr_fact(BIGNUM *val) putchar(':'); for (fact = &prime[0]; !BN_is_one(val); ++fact) { /* Look for the smallest factor. */ - do { + while (fact <= pr_limit) { if (BN_mod_word(val, (BN_ULONG)*fact) == 0) break; - } while (++fact <= pr_limit); + fact++; + } /* Watch for primes larger than the table. */ if (fact > pr_limit) { -- cgit v1.2.3-56-ge451