Workaround for BN_bn2mpi reading/writing out of bounds

When OpenSSL's BN_bn2mpi is passed a buffer of size 4, valgrind reports reading/writing one byte past it. I am unable to find evidence of this behaviour in BN_bn2mpi's source code, so it may be a spurious warning. However, this change is harmless, as only the bignum with value 0 results in an mpi serialization of size 4.
2012-02-18 13:32:25 +01:00 · 2012-02-18 13:32:25 +01:00 · a06113b0c5
commit a06113b0c5
parent 39231e9105
1 changed files with 1 additions and 1 deletions
--- a/src/bignum.h
+++ b/src/bignum.h
@ -243,7 +243,7 @@ public:
    std::vector<unsigned char> getvch() const
    {
        unsigned int nSize = BN_bn2mpi(this, NULL);
-        if (nSize < 4)
+        if (nSize <= 4)
            return std::vector<unsigned char>();
        std::vector<unsigned char> vch(nSize);
        BN_bn2mpi(this, &vch[0]);