From 50f587c36f4cb673c7fb79adf453b7af0c6e8ab0 Mon Sep 17 00:00:00 2001
From: Giovanni Bajo
Date: Tue, 20 Sep 2011 11:02:53 +0200
Subject: [PATCH] Bugfix: clear the exceeding destination digits. Currently, the fp_sqr_comba_* functions do not fully clear the destination number, but only overwrites the digits they care about. Eg: if you call a comba4, it will overwrite the first 8 digits and leave the others unchanged. On the other hand, fp_mul_comba_* functions do *not* check incoming unused digits (relying on the guarantee that they must be zero), so they will happily compute the wrong result if those digits are not empty. Testcase for a 32-bit system: char buf[64]; fp_int num, num2, d; memset(buf, 0xFF, sizeof(buf); fp_read_unsigned_bin(&num, buf); fp_set(&d, 1); fp_sqr_comba_3(&d, &num); // now num is { 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, // 0xFFFFFFFF, 0xFFFFFFFF ... } // only first 6 digits have been written, but even // if num.used is correctly set to 6, this can trigger // bugs. // Create a number larger than 6 digits fp_2expt(&num2, 8*32+4); fp_mul_comba_8(&num, &num2, &num2); // wrong result has been computed, because the first 8 // digits of num have been read and multiplied // even if num->used == 6, relying on the fact that // they should be zero.
---
 src/generators/comba_sqr_gen.c | 3 ++-
 src/generators/comba_sqr_smallgen.c | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/generators/comba_sqr_gen.c b/src/generators/comba_sqr_gen.c
index 57e0737..a949294 100644
--- a/src/generators/comba_sqr_gen.c
+++ b/src/generators/comba_sqr_gen.c
@@ -90,8 +90,9 @@ printf(
 " B->used = %d;\n"
 " B->sign = FP_ZPOS;\n"
 " memcpy(B->dp, b, %d * sizeof(fp_digit));\n"
+" memset(B->dp + %d, 0, (FP_SIZE - %d) * sizeof(fp_digit));\n"
 " fp_clamp(B);\n"
-"}\n#endif\n\n\n", N+N, N+N);
+"}\n#endif\n\n\n", N+N, N+N, N+N, N+N);
 return 0;
 }
diff --git a/src/generators/comba_sqr_smallgen.c b/src/generators/comba_sqr_smallgen.c
index c6e58c9..d8d62fe 100644
--- a/src/generators/comba_sqr_smallgen.c
+++ b/src/generators/comba_sqr_smallgen.c
@@ -95,8 +95,9 @@ printf(
 " B->used = %d;\n"
 " B->sign = FP_ZPOS;\n"
 " memcpy(B->dp, b, %d * sizeof(fp_digit));\n"
+" memset(B->dp + %d, 0, (FP_SIZE - %d) * sizeof(fp_digit));\n"
 " fp_clamp(B);\n"
-" break;\n\n", N+N, N+N);
+" break;\n\n", N+N, N+N, N+N, N+N);
 }
 printf("}\n\n}\n");
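Review bot: The length of the emitted `memset`, `(FP_SIZE - %d) * sizeof(fp_digit)` with `%d` = 2N, becomes a `size_t` once multiplied by `sizeof`, so if a generated routine is ever built with `FP_SIZE` below 2N (assuming `FP_SIZE` is a plain integer macro) it wraps to a very large count instead of going negative; the identical line is added in the comba_sqr_gen.c hunk. The `memcpy` just above already assumes `FP_SIZE >= 2N`, so the precondition is not new, but neither hunk enforces it and any guard would sit outside the lines shown. Having both generators also emit `"#if FP_SIZE < %d\n#error FP_SIZE too small for this comba size\n#endif\n"` (with a matching `N+N` argument) would turn a misconfigured build into a compile error rather than an out-of-bounds write. An emitted comment such as `/* digits above B->used must be zero: fp_mul_comba_* reads them unconditionally */` would record why the tail is cleared. The `printf(` call these strings belong to starts outside both hunks.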