Merge bitcoin-core/secp256k1#990: Add comment on length checks when parsing ECDSA sigs

e02f313b1f251ccb363ae1ac24016d87c1be9009 Add comment on length checks when parsing ECDSA sigs (Tim Ruffing) Pull request description: I claim the check can be removed but I don't want to touch this stable and well-tested code. On the way, we fix grammar in another comment. ACKs for top commit: sipa: ACK e02f313b1f251ccb363ae1ac24016d87c1be9009 RandyMcMillan: ACK e02f313 Tree-SHA512: f82691a8f5db82a1e9683e52ce8e952ebd56b476a2817c5a876ce4638254b7b4ac93175318fb59598ed5532f33433951d75afea03724ef4419c3e1bd12ca8c20
2023-12-07 09:26:29 +01:00 · 2023-12-07 09:26:29 +01:00 · 5e9a4d7aec
commit 5e9a4d7aec
parent 4197d667ec e02f313b1f
1 changed files with 4 additions and 3 deletions
--- a/src/ecdsa_impl.h
+++ b/src/ecdsa_impl.h
@ -66,8 +66,7 @@ static int secp256k1_der_read_len(size_t *len, const unsigned char **sigp, const
    }
    if (lenleft > sizeof(size_t)) {
        /* The resulting length would exceed the range of a size_t, so
-         * certainly longer than the passed array size.
-         */
+         * it is certainly longer than the passed array size. */
        return 0;
    }
    while (lenleft > 0) {
@ -76,7 +75,9 @@ static int secp256k1_der_read_len(size_t *len, const unsigned char **sigp, const
        lenleft--;
    }
    if (*len > (size_t)(sigend - *sigp)) {
-        /* Result exceeds the length of the passed array. */
+        /* Result exceeds the length of the passed array.
+           (Checking this is the responsibility of the caller but it
+           can't hurt do it here, too.) */
        return 0;
    }
    if (*len < 128) {