From 603c33bc8079f7e1a4851dbef629a2b91e13bbef Mon Sep 17 00:00:00 2001
From: Pieter Wuille <pieter.wuille@gmail.com>
Date: Thu, 18 Dec 2014 01:28:06 +0100
Subject: [PATCH] Make signing fail if a too small buffer is passed.

Bug discovered by Sergio Demian Lerner.
---
 src/secp256k1.c | 2 +-
 src/tests.c     | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/secp256k1.c b/src/secp256k1.c
index 0328db8..4fb2d0a 100644
--- a/src/secp256k1.c
+++ b/src/secp256k1.c
@@ -88,7 +88,7 @@ int secp256k1_ecdsa_sign(const unsigned char *msg32, unsigned char *signature, i
         ret = secp256k1_ecdsa_sig_sign(&sig, &sec, &msg, &non, NULL);
     }
     if (ret) {
-        secp256k1_ecdsa_sig_serialize(signature, signaturelen, &sig);
+        ret = secp256k1_ecdsa_sig_serialize(signature, signaturelen, &sig);
     }
     secp256k1_scalar_clear(&msg);
     secp256k1_scalar_clear(&non);
diff --git a/src/tests.c b/src/tests.c
index 7ebb19f..8ba1f28 100644
--- a/src/tests.c
+++ b/src/tests.c
@@ -1298,6 +1298,8 @@ void test_ecdsa_edge_cases(void) {
         msg[31] = 0xaa;
         siglen = 72;
         CHECK(secp256k1_ecdsa_sign(msg, sig, &siglen, key, nonce) == 1);
+        siglen = 10;
+        CHECK(secp256k1_ecdsa_sign(msg, sig, &siglen, key, nonce) != 1);
     }
 
     /* Privkey export where pubkey is the point at infinity. */