Merge elementsproject/secp256k1-zkp#136: Eliminate a wrong -Wmaybe-uninitialized warning in GCC

cc0b279568d6edaa0b966b4333a0008f4ef63efa Eliminate a wrong -Wmaybe-uninitialized warning in GCC (Tim Ruffing) Pull request description: ACKs for top commit: jonasnick: ACK cc0b279568d6edaa0b966b4333a0008f4ef63efa Tree-SHA512: ee9ae840ba7df471f566fc9b4d5bdf04e1d0759bd6fec1d1144e0e7b3f12603865371d238f8a2ee4648db88224e5ea582ab837c2cbc041d2582141736ebe5fd0
2021-07-14 13:56:36 +00:00 · 2021-07-14 13:56:36 +00:00 · d9560e0af7
commit d9560e0af7
parent 6db00f5b2e cc0b279568
1 changed files with 12 additions and 2 deletions
--- a/src/modules/rangeproof/main_impl.h
+++ b/src/modules/rangeproof/main_impl.h
@ -182,7 +182,15 @@ int secp256k1_pedersen_blind_generator_blind_sum(const secp256k1_context* ctx, c
    }

    secp256k1_scalar_set_int(&sum, 0);
-    for (i = 0; i < n_total; i++) {
+
+    /* Here, n_total > 0. Thus the loop runs at least once.
+       Thus we may use a do-while loop, which checks the loop
+       condition only at the end.
+
+       The do-while loop helps GCC prove that the loop runs at least
+       once and suppresses a -Wmaybe-uninitialized warning. */
+    i = 0;
+    do {
        int overflow = 0;
        secp256k1_scalar addend;
        secp256k1_scalar_set_u64(&addend, value[i]);  /* s = v */
@ -207,7 +215,9 @@ int secp256k1_pedersen_blind_generator_blind_sum(const secp256k1_context* ctx, c
        secp256k1_scalar_cond_negate(&addend, i < n_inputs);  /* s is negated if it's an input */
        secp256k1_scalar_add(&sum, &sum, &addend);    /* sum += s */
        secp256k1_scalar_clear(&addend);
-    }
+
+        i++;
+    } while (i < n_total);

    /* Right now tmp has the last pedersen blinding factor. Subtract the sum from it. */
    secp256k1_scalar_negate(&sum, &sum);