Skip to content

Commit

Permalink
Add comment on length checks when parsing ECDSA sigs
Browse files Browse the repository at this point in the history
I claim the check can be removed but I don't want to touch this
stable and well-tested code.

On the way, we fix grammar in another comment.
  • Loading branch information
real-or-random committed Oct 17, 2021
1 parent 920a0e5 commit e02f313
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions src/ecdsa_impl.h
Original file line number Diff line number Diff line change
Expand Up @@ -79,8 +79,7 @@ static int secp256k1_der_read_len(size_t *len, const unsigned char **sigp, const
}
if (lenleft > sizeof(size_t)) {
/* The resulting length would exceed the range of a size_t, so
* certainly longer than the passed array size.
*/
* it is certainly longer than the passed array size. */
return 0;
}
while (lenleft > 0) {
Expand All @@ -89,7 +88,9 @@ static int secp256k1_der_read_len(size_t *len, const unsigned char **sigp, const
lenleft--;
}
if (*len > (size_t)(sigend - *sigp)) {
/* Result exceeds the length of the passed array. */
/* Result exceeds the length of the passed array.
(Checking this is the responsibility of the caller but it
can't hurt do it here, too.) */
return 0;
}
if (*len < 128) {
Expand Down

0 comments on commit e02f313

Please sign in to comment.