status-im
/
secp256k1
mirror of https://github.com/status-im/secp256k1.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge #879: Avoid passing out-of-bound pointers to 0-size memcpy 

9570f674cc Avoid passing out-of-bound pointers to 0-size memcpy (Pieter Wuille)

Pull request description:

  Doing so could be considered UB in a pedantic interpretation of the standard. Avoid it.

  Closes #876.

ACKs for top commit:
  practicalswift:
    cr ACK 9570f674cc729cafcba65f4cce03552d9a6108f4: patch looks correct
  real-or-random:
    ACK 9570f674cc

Tree-SHA512: f991462d72e39f14e609021b8427c2e6756009bc8cd21efca2da46ec9410250725a4fed662df20fcdcfd10a4dc59038f13e8c166362b2eadde4366586b9ca72b
This commit is contained in:
Tim Ruffing 2021-06-16 10:20:38 +02:00
parent 1758a92ffd 9570f674cc
commit 8ae56e33e7
No known key found for this signature in database
GPG Key ID: 8C461CCD293F6011
3 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
contrib/lax_der_parsing.c
View File

@ -120,7 +120,7 @@ int ecdsa_signature_parse_der_lax(const secp256k1_context* ctx, secp256k1_ecdsa_
/* Copy R value */
if (rlen > 32) {
overflow = 1;
} else {
} else if (rlen) {
memcpy(tmpsig + 32 - rlen, input + rpos, rlen);
}
@ -132,7 +132,7 @@ int ecdsa_signature_parse_der_lax(const secp256k1_context* ctx, secp256k1_ecdsa_
/* Copy S value */
if (slen > 32) {
overflow = 1;
} else {
} else if (slen) {
memcpy(tmpsig + 64 - slen, input + spos, slen);
}

2
contrib/lax_der_privatekey_parsing.c
View File

@ -44,7 +44,7 @@ int ec_privkey_import_der(const secp256k1_context* ctx, unsigned char *out32, co
if (end < privkey+2 || privkey[0] != 0x04 || privkey[1] > 0x20 || end < privkey+2+privkey[1]) {
return 0;
}
memcpy(out32 + 32 - privkey[1], privkey + 2, privkey[1]);
if (privkey[1]) memcpy(out32 + 32 - privkey[1], privkey + 2, privkey[1]);
if (!secp256k1_ec_seckey_verify(ctx, out32)) {
memset(out32, 0, 32);
return 0;

2
src/ecdsa_impl.h
View File

@ -140,7 +140,7 @@ static int secp256k1_der_parse_integer(secp256k1_scalar *r, const unsigned char
overflow = 1;
}
if (!overflow) {
memcpy(ra + 32 - rlen, *sig, rlen);
if (rlen) memcpy(ra + 32 - rlen, *sig, rlen);
secp256k1_scalar_set_b32(r, ra, &overflow);
}
if (overflow) {