
Commit c6e3a7b

Update overflow check
One does not simply check for integer overflow.
1 parent 5757318 commit c6e3a7b

2 files changed

+8
-4
lines changed


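--- a/src/modinv32_impl.h
+++ b/src/modinv32_impl.h
@@ -415,9 +415,11 @@ static void secp256k1_modinv32_update_de_30(secp256k1_modinv32_signed30 *d, secp
 VERIFY_CHECK(secp256k1_modinv32_mul_cmp_30(d, 9, &modinfo->modulus, 1) < 0); /* d < modulus */
 VERIFY_CHECK(secp256k1_modinv32_mul_cmp_30(e, 9, &modinfo->modulus, -2) > 0); /* e > -2*modulus */
 VERIFY_CHECK(secp256k1_modinv32_mul_cmp_30(e, 9, &modinfo->modulus, 1) < 0); /* e < modulus */
-VERIFY_CHECK((labs(u) + labs(v)) >= 0); /* |u|+|v| doesn't overflow */
-VERIFY_CHECK((labs(q) + labs(r)) >= 0); /* |q|+|r| doesn't overflow */
+VERIFY_CHECK(labs(u) <= M30 + 1); /* |u| <= 2^30 */
+VERIFY_CHECK(labs(v) <= M30 + 1); /* |v| <= 2^30 */
 VERIFY_CHECK((labs(u) + labs(v)) <= M30 + 1); /* |u|+|v| <= 2^30 */
+VERIFY_CHECK(labs(q) <= M30 + 1); /* |q| <= 2^30 */
+VERIFY_CHECK(labs(r) <= M30 + 1); /* |r| <= 2^30 */
 VERIFY_CHECK((labs(q) + labs(r)) <= M30 + 1); /* |q|+|r| <= 2^30 */
 #endif
 /* [md,me] start as zero; plus [u,q] if d is negative; plus [v,r] if e is negative. */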
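Review bot: The new per-value bound checks call labs() on a value whose range has not yet been established; where long is 32 bits, labs(LONG_MIN) is itself undefined, so a check written to avoid overflow UB can still trigger it (this assumes u, v, q and r are 32-bit quantities, which the hunk does not show). A direct comparison needs no abs at all: `VERIFY_CHECK(u >= -(M30 + 1) && u <= M30 + 1); /* |u| <= 2^30 */`, and the same for v, q and r. The combined checks have a narrower gap: with each term at most 2^30 the sum can reach 2^31, which exceeds LONG_MAX on a 32-bit long, whereas moving one term to the right-hand side keeps every intermediate in range, `VERIFY_CHECK(labs(u) <= M30 + 1 - labs(v)); /* |u|+|v| <= 2^30 */`. Both points apply equally to the hunk in src/modinv64_impl.h, where 2^62 + 2^62 exceeds INT64_MAX on every platform and whether secp256k1_modinv64_abs tolerates INT64_MIN is not visible here. The enclosing function secp256k1_modinv32_update_de_30 starts before this hunk and continues after it.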

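--- a/src/modinv64_impl.h
+++ b/src/modinv64_impl.h
@@ -419,9 +419,11 @@ static void secp256k1_modinv64_update_de_62(secp256k1_modinv64_signed62 *d, secp
 VERIFY_CHECK(secp256k1_modinv64_mul_cmp_62(d, 5, &modinfo->modulus, 1) < 0); /* d < modulus */
 VERIFY_CHECK(secp256k1_modinv64_mul_cmp_62(e, 5, &modinfo->modulus, -2) > 0); /* e > -2*modulus */
 VERIFY_CHECK(secp256k1_modinv64_mul_cmp_62(e, 5, &modinfo->modulus, 1) < 0); /* e < modulus */
-VERIFY_CHECK((secp256k1_modinv64_abs(u) + secp256k1_modinv64_abs(v)) >= 0); /* |u|+|v| doesn't overflow */
-VERIFY_CHECK((secp256k1_modinv64_abs(q) + secp256k1_modinv64_abs(r)) >= 0); /* |q|+|r| doesn't overflow */
+VERIFY_CHECK(secp256k1_modinv64_abs(u) <= (int64_t)1 << 62); /* |u| <= 2^62 */
+VERIFY_CHECK(secp256k1_modinv64_abs(v) <= (int64_t)1 << 62); /* |v| <= 2^62 */
 VERIFY_CHECK((secp256k1_modinv64_abs(u) + secp256k1_modinv64_abs(v)) <= (int64_t)1 << 62); /* |u|+|v| <= 2^62 */
+VERIFY_CHECK(secp256k1_modinv64_abs(q) <= (int64_t)1 << 62); /* |q| <= 2^62 */
+VERIFY_CHECK(secp256k1_modinv64_abs(r) <= (int64_t)1 << 62); /* |r| <= 2^62 */
 VERIFY_CHECK((secp256k1_modinv64_abs(q) + secp256k1_modinv64_abs(r)) <= (int64_t)1 << 62); /* |q|+|r| <= 2^62 */
 #endif
 /* [md,me] start as zero; plus [u,q] if d is negative; plus [v,r] if e is negative. */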
