From df1ed3ba6e7b683fedf1de17b8cbd951937f7196 Mon Sep 17 00:00:00 2001
From: Simon Tatham <anakin@pobox.com>
Date: Thu, 3 Jan 2019 10:37:19 +0000
Subject: [PATCH] Fix goof in mp_reduce_mod_2to.

It correctly masked off bits in the partial word, but then left all
higher words _unchanged_ rather than zeroing them.

Apparently its use in mp_invert_mod_2to was in restricted enough
circumstances not to cause a failure there!
---
 mpint.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mpint.c b/mpint.c
index bc587049..203298c2 100644
--- a/mpint.c
+++ b/mpint.c
@@ -1124,7 +1124,7 @@ void mp_reduce_mod_2to(mp_int *x, size_t p)
     size_t mask = ((size_t)1 << (p % BIGNUM_INT_BITS)) - 1;
     for (; word < x->nw; word++) {
         x->w[word] &= mask;
-        mask = -(size_t)1;
+        mask = 0;
     }
 }