aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2018-07-24 20:26:43 +0100
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2018-09-11 13:38:10 +0000
commit0825e974362ee5e62f44e08fae08dbb10e48383c (patch)
tree909c3088708d8cf99bfaf79ee6b9731d4eb3964c
parentCheck inputs to addKeys are in range (diff)
downloadmonero-0825e974362ee5e62f44e08fae08dbb10e48383c.tar.xz
multiexp: fix wrong Bos-Coster result for 1 non trivial input
Reported by QuarksLab.
Diffstat (limited to '')
-rw-r--r--src/ringct/multiexp.cc10
1 files changed, 7 insertions, 3 deletions
diff --git a/src/ringct/multiexp.cc b/src/ringct/multiexp.cc
index f9ef9e422..b05840322 100644
--- a/src/ringct/multiexp.cc
+++ b/src/ringct/multiexp.cc
@@ -222,17 +222,21 @@ rct::key bos_coster_heap_conv_robust(std::vector<MultiexpData> data)
points = heap.size();
if (points == 0)
return rct::identity();
+
+ auto Comp = [&](size_t e0, size_t e1) { return data[e0].scalar < data[e1].scalar; };
+ std::make_heap(heap.begin(), heap.end(), Comp);
+
if (points < 2)
{
+ std::pop_heap(heap.begin(), heap.end(), Comp);
+ size_t index1 = heap.back();
ge_p2 p2;
- ge_scalarmult(&p2, data[0].scalar.bytes, &data[0].point);
+ ge_scalarmult(&p2, data[index1].scalar.bytes, &data[index1].point);
rct::key res;
ge_tobytes(res.bytes, &p2);
return res;
}
- auto Comp = [&](size_t e0, size_t e1) { return data[e0].scalar < data[e1].scalar; };
- std::make_heap(heap.begin(), heap.end(), Comp);
MULTIEXP_PERF(PERF_TIMER_STOP(setup));
MULTIEXP_PERF(PERF_TIMER_START_UNIT(loop, 1000000));