From b67bd9e38cc07b13de2c1709461d45e771c72e70 Mon Sep 17 00:00:00 2001
From: Tim Ruffing <crypto@timruffing.de>
Date: Thu, 20 Jul 2023 15:40:12 +0200
Subject: [PATCH] bppp: Fix test for invalid sign byte

The test is supposed to create an invalid sign byte. Before this PR,
the generated sign byte could in fact be valid due to an overflow.

Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>
---
 src/modules/bppp/tests_impl.h | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/modules/bppp/tests_impl.h b/src/modules/bppp/tests_impl.h
index eddb52405..0e4a9c365 100644
--- a/src/modules/bppp/tests_impl.h
+++ b/src/modules/bppp/tests_impl.h
@@ -254,10 +254,15 @@ void test_serialize_two_points(void) {
     {
         secp256k1_ge X_tmp, R_tmp;
         unsigned char buf[65];
+        unsigned char invalid_sign;
         random_group_element_test(&X);
         random_group_element_test(&R);
         secp256k1_bppp_serialize_points(buf, &X, &R);
-        buf[0] |= 4 + (unsigned char)secp256k1_testrandi64(4, 255);
+
+        buf[0] = 4 + (unsigned char)secp256k1_testrandi64(0, 253);
+        /* Assert that buf[0] is actually invalid. */
+        CHECK(buf[0] != 0x02 && buf[0] != 0x03)
+
         CHECK(!secp256k1_bppp_parse_one_of_points(&X_tmp, buf, 0));
         CHECK(!secp256k1_bppp_parse_one_of_points(&R_tmp, buf, 0));
     }