From 82777bba349b6bda24a4f22a5bdc4e31877cd8a2 Mon Sep 17 00:00:00 2001
From: Tim Ruffing <crypto@timruffing.de>
Date: Thu, 20 Jul 2023 15:40:12 +0200
Subject: [PATCH] bppp: Fix test for invalid sign byte

The test is supposed to create an invalid sign byte. Before this PR,
the generated sign byte could in fact be valid due to an overflow.

Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>
---
 src/modules/bppp/tests_impl.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/modules/bppp/tests_impl.h b/src/modules/bppp/tests_impl.h
index 4913cd4f..ce6cc318 100644
--- a/src/modules/bppp/tests_impl.h
+++ b/src/modules/bppp/tests_impl.h
@@ -256,7 +256,11 @@ static void test_serialize_two_points(void) {
         random_group_element_test(&X);
         random_group_element_test(&R);
         secp256k1_bppp_serialize_points(buf, &X, &R);
-        buf[0] |= 4 + (unsigned char)secp256k1_testrandi64(4, 255);
+
+        buf[0] = 4 + (unsigned char)secp256k1_testrandi64(0, 253);
+        /* Assert that buf[0] is actually invalid. */
+        CHECK(buf[0] != 0x02 && buf[0] != 0x03);
+
         CHECK(!secp256k1_bppp_parse_one_of_points(&X_tmp, buf, 0));
         CHECK(!secp256k1_bppp_parse_one_of_points(&R_tmp, buf, 0));
     }