Browse Source

Workaround for BN_bn2mpi reading/writing out of bounds

When OpenSSL's BN_bn2mpi is passed a buffer of size 4, valgrind
reports reading/writing one byte past it. I am unable to find
evidence of this behaviour in BN_bn2mpi's source code, so it may
be a spurious warning. However, this change is harmless, as only
the bignum with value 0 results in an mpi serialization of size 4.
0.8
Pieter Wuille 13 years ago
parent
commit
a06113b0c5
  1. 2
      src/bignum.h

2
src/bignum.h

@ -243,7 +243,7 @@ public: @@ -243,7 +243,7 @@ public:
std::vector<unsigned char> getvch() const
{
unsigned int nSize = BN_bn2mpi(this, NULL);
if (nSize < 4)
if (nSize <= 4)
return std::vector<unsigned char>();
std::vector<unsigned char> vch(nSize);
BN_bn2mpi(this, &vch[0]);

Loading…
Cancel
Save