From 354ffa33e6b0d6c1270a6d9d228f692b70ad7ff4 Mon Sep 17 00:00:00 2001
From: Gregory Maxwell
Date: Tue, 17 Feb 2015 00:10:12 -0800
Subject: [PATCH] Make secp256k1_ec_pubkey_create reject oversized secrets.
---
 src/secp256k1.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/secp256k1.c b/src/secp256k1.c
index 280dee70224..5905fe60985 100644
--- a/src/secp256k1.c
+++ b/src/secp256k1.c
@@ -220,12 +220,17 @@ int secp256k1_ec_pubkey_create(unsigned char *pubkey, int *pubkeylen, const unsi
 secp256k1_gej_t pj;
 secp256k1_ge_t p;
 secp256k1_scalar_t sec;
+ int overflow;
 DEBUG_CHECK(secp256k1_ecmult_gen_consts != NULL);
 DEBUG_CHECK(pubkey != NULL);
 DEBUG_CHECK(pubkeylen != NULL);
 DEBUG_CHECK(seckey != NULL);
- secp256k1_scalar_set_b32(&sec, seckey, NULL);
+ secp256k1_scalar_set_b32(&sec, seckey, &overflow);
+ if (overflow) {
+ *pubkeylen = 0;
+ return 0;
+ }
 secp256k1_ecmult_gen(&pj, &sec);
 secp256k1_scalar_clear(&sec);
 secp256k1_ge_set_gej(&p, &pj);
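Review bot: The new early return inside `if (overflow) {` leaves `sec` uncleared, while the normal path calls `secp256k1_scalar_clear(&sec)` right after the multiplication. At that point `sec` already holds a value derived from the caller's secret bytes, so the rejected-key path leaves that residue on the stack; adding `secp256k1_scalar_clear(&sec);` before `*pubkeylen = 0;` keeps both paths consistent. The check also covers only the oversized case, so an all-zero `seckey` still reaches `secp256k1_ecmult_gen`. Whether that is rejected depends on code after the hunk, so it is worth confirming or testing explicitly with `secp256k1_scalar_is_zero(&sec)`. The function body starts and ends outside this hunk, so the later failure paths and their handling of `*pubkeylen` are not visible here.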