- Fixed incorrect handling of negative strings in mpi_read_string() (found by code coverage tests).
diff --git a/ChangeLog b/ChangeLog
index 9a1a52d..e84a355 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
PolarSSL ChangeLog
+= Version X released on X
+Bug fixes
+ * Fixed incorrect handling of negative strings in
+ mpi_read_string() (found by code coverage tests).
+
= Version 0.11.1 released on 2009-05-17
* Fixed missing functionality for SHA-224, SHA-256, SHA384,
SHA-512 in rsa_pkcs1_sign()
diff --git a/library/bignum.c b/library/bignum.c
index 4b8fa80..5c1de68 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -286,7 +286,15 @@
MPI_CHK( mpi_get_digit( &d, radix, s[i] ) );
MPI_CHK( mpi_mul_int( &T, X, radix ) );
- MPI_CHK( mpi_add_int( X, &T, d ) );
+
+ if( X->s == 1 )
+ {
+ MPI_CHK( mpi_add_int( X, &T, d ) );
+ }
+ else
+ {
+ MPI_CHK( mpi_sub_int( X, &T, d ) );
+ }
}
}