From d64359279d58ce509861604752a60f1d04e9d15b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Fri, 23 Jan 2015 15:50:23 +0000
Subject: [PATCH] Fix bug on s390

---
 ChangeLog                 | 3 +++
 include/polarssl/bn_mul.h | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 7845080b1..a6a4bc3b8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,9 @@ Bugfix
    * Fix memory leaks in PKCS#5 and PKCS#12.
    * Stack buffer overflow if ctr_drbg_update() is called with too large
      add_len (found by Jean-Philippe Aumasson) (not triggerable remotely).
+   * Fix bug in MPI/bugnum on s390/s390x (reported by Dan Horák) (introduced
+     in 1.2.12).
+
 
 Changes
    * Blind RSA private operations even when POLARSSL_RSA_NO_CRT is defined.
diff --git a/include/polarssl/bn_mul.h b/include/polarssl/bn_mul.h
index 7cab4713d..973bc7f9f 100644
--- a/include/polarssl/bn_mul.h
+++ b/include/polarssl/bn_mul.h
@@ -834,7 +834,7 @@
 #define MULADDC_CORE                    \
     r   = *(s++) * (t_udbl) b;          \
     r0  = (t_uint) r;                   \
-    r1  = (t_uint) r >> biL;            \
+    r1  = (t_uint) (r >> biL);          \
     r0 += c;  r1 += (r0 <  c);          \
     r0 += *d; r1 += (r0 < *d);          \
     c = r1; *(d++) = r0;