commit fe71f1d4a5cb07175a69dba53dd92ab7cd60a541
author David Benjamin <davidben@chromium.org> Tue Sep 01 00:21:46 2015 -0400
committer Adam Langley <agl@google.com> Tue Sep 01 19:10:01 2015 +0000
tree 3be4bb13b1f56e88f9bebd04875656673c5f728f
parent 8d100366e517da7816b71f41b52555959bb97db2

Fix spurious bn_test failures.

BN_rand generates a single-word zero BIGNUM with quite a large
probability.

A zero BIGNUM in turn will end up having a NULL |d|-buffer, which we
shouldn't dereference without checking.

(Imported from upstream's 9c989aaa749d88b63bef5d5beeb3046eae62d836.)

Change-Id: Ic4d113e4fcf4ea4c0a4e905a1c4ba3fb758d9fc6
Reviewed-on: https://boringssl-review.googlesource.com/5782
Reviewed-by: Adam Langley <agl@google.com>

crypto/bn/bn_test.cc

diff --git a/crypto/bn/bn_test.cc b/crypto/bn/bn_test.cc
index 74299c5..c7ea9cc 100644
--- a/crypto/bn/bn_test.cc
+++ b/crypto/bn/bn_test.cc
@@ -828,18 +828,17 @@
   }
 
   for (int i = 0; i < num0; i++) {
-    BN_ULONG s;
     do {
       if (!BN_rand(a.get(), 512, -1, 0) ||
           !BN_rand(b.get(), BN_BITS2, -1, 0)) {
         return false;
       }
-      s = b->d[0];
-    } while (!s);
+    } while (BN_is_zero(b.get()));
 
     if (!BN_copy(b.get(), a.get())) {
       return false;
     }
+    BN_ULONG s = b->d[0];
     BN_ULONG r = BN_div_word(b.get(), s);
     if (r == (BN_ULONG)-1) {
       return false;