From a1ee83c6546c65d8f5b32acc4a0e1740858ee7d6 Mon Sep 17 00:00:00 2001 From: Nicolas Iooss Date: Mon, 28 Jun 2021 15:44:19 +0200 Subject: [PATCH] tests_exhaustive: check the result of secp256k1_ecdsa_sign If `secp256k1_ecdsa_sign` fails, the signature which is then loaded by `secp256k1_ecdsa_signature_load` is garbage. Exit early with an error when this occurs. --- src/tests_exhaustive.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/tests_exhaustive.c b/src/tests_exhaustive.c index b7c7828995..5b9a3035d9 100644 --- a/src/tests_exhaustive.c +++ b/src/tests_exhaustive.c @@ -302,6 +302,7 @@ void test_exhaustive_sign(const secp256k1_context *ctx, const secp256k1_ge *grou if (skip_section(&iter)) continue; for (k = 1; k < EXHAUSTIVE_TEST_ORDER; k++) { /* nonce */ const int starting_k = k; + int ret; secp256k1_ecdsa_signature sig; secp256k1_scalar sk, msg, r, s, expected_r; unsigned char sk32[32], msg32[32]; @@ -310,7 +311,8 @@ void test_exhaustive_sign(const secp256k1_context *ctx, const secp256k1_ge *grou secp256k1_scalar_get_b32(sk32, &sk); secp256k1_scalar_get_b32(msg32, &msg); - secp256k1_ecdsa_sign(ctx, &sig, msg32, sk32, secp256k1_nonce_function_smallint, &k); + ret = secp256k1_ecdsa_sign(ctx, &sig, msg32, sk32, secp256k1_nonce_function_smallint, &k); + CHECK(ret == 1); secp256k1_ecdsa_signature_load(ctx, &r, &s, &sig); /* Note that we compute expected_r *after* signing -- this is important