From: Pieter Wuille <pieter.wuille@gmail.com>
Date: Sat, 18 Feb 2012 12:32:25 +0000 (+0100)
Subject: Workaround for BN_bn2mpi reading/writing out of bounds
X-Git-Tag: v0.4.0-unstable~129^2~1^2^2~2^2^2~47
X-Git-Url: https://git.novaco.in/?p=novacoin.git;a=commitdiff_plain;h=0e6c6e3fd1ab971c652e48fa04bac097e44e76fe

Workaround for BN_bn2mpi reading/writing out of bounds

When OpenSSL's BN_bn2mpi is passed a buffer of size 4, valgrind
reports reading/writing one byte past it. I am unable to find
evidence of this behaviour in BN_bn2mpi's source code, so it may
be a spurious warning. However, this change is harmless, as only
the bignum with value 0 results in an mpi serialization of size 4.
---

diff --git a/src/bignum.h b/src/bignum.h
index 1a2406b..6e8d3cb 100644
--- a/src/bignum.h
+++ b/src/bignum.h
@@ -243,7 +243,7 @@ public:
     std::vector<unsigned char> getvch() const
     {
         unsigned int nSize = BN_bn2mpi(this, NULL);
-        if (nSize < 4)
+        if (nSize <= 4)
             return std::vector<unsigned char>();
         std::vector<unsigned char> vch(nSize);
         BN_bn2mpi(this, &vch[0]);