frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Increase robustness against UB.

Browse Source 
Thanks to elichai2 who noted that the literal '1' is a signed integer, and that shifting a signed 32-bit integer by 31 bits causes an overflow and yields undefined behaviour.
While 'scalar_low_impl''s 'secp256k1_scalar_cadd_bit' is only used for testing purposes and currently the 'bit' parameter is only 0 or 1, it is better to avoid undefined behaviour in case the used domain of 'secp256k1_scalar_cadd_bit' expands.
This commit is contained in:
roconnor-blockstream 2019-07-03 11:23:20 -04:00 committed by Russell O'Connor
parent fa33017135
commit 8fe63e5654
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/scalar_low_impl.h
View File

@ -38,7 +38,7 @@ static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a,
static void secp256k1_scalar_cadd_bit(secp256k1_scalar *r, unsigned int bit, int flag) { static void secp256k1_scalar_cadd_bit(secp256k1_scalar *r, unsigned int bit, int flag) {
if (flag && bit < 32) if (flag && bit < 32)
*r += (1 << bit); *r += ((uint32_t)1 << bit);
#ifdef VERIFY #ifdef VERIFY
VERIFY_CHECK(secp256k1_scalar_check_overflow(r) == 0); VERIFY_CHECK(secp256k1_scalar_check_overflow(r) == 0);
#endif #endif