From 65ffea43d5ad4fdae43233ec1e54f5b6dd71d26d Mon Sep 17 00:00:00 2001
From: Andrew Poelstra <apoelstra@wpsoftware.net>
Date: Tue, 2 Oct 2018 16:23:08 +0000
Subject: [PATCH] rangeproof: check that points deserialize correctly when
 verifying rangeproof

---
 src/modules/rangeproof/rangeproof_impl.h | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/modules/rangeproof/rangeproof_impl.h b/src/modules/rangeproof/rangeproof_impl.h
index 8d4dc654..8056f0a7 100644
--- a/src/modules/rangeproof/rangeproof_impl.h
+++ b/src/modules/rangeproof/rangeproof_impl.h
@@ -609,8 +609,10 @@ SECP256K1_INLINE static int secp256k1_rangeproof_verify_impl(const secp256k1_ecm
     }
     for(i = 0; i < rings - 1; i++) {
         secp256k1_fe fe;
-        secp256k1_fe_set_b32(&fe, &proof[offset]);
-        secp256k1_ge_set_xquad(&c, &fe);
+        if (!secp256k1_fe_set_b32(&fe, &proof[offset]) ||
+            !secp256k1_ge_set_xquad(&c, &fe)) {
+            return 0;
+        }
         if (signs[i]) {
             secp256k1_ge_neg(&c, &c);
         }