From 0be1a4ae620f30929a037641a21157c6651d8822 Mon Sep 17 00:00:00 2001
From: Andrew Poelstra <apoelstra@wpsoftware.net>
Date: Wed, 13 Mar 2019 22:35:08 +0000
Subject: [PATCH] scratch: add magic bytes to beginning of structure

---
 src/scratch.h      |  1 +
 src/scratch_impl.h | 21 +++++++++++++++++++++
 2 files changed, 22 insertions(+)

diff --git a/src/scratch.h b/src/scratch.h
index b03762152ae92..eeb9df22cb07d 100644
--- a/src/scratch.h
+++ b/src/scratch.h
@@ -12,6 +12,7 @@
 /* The typedef is used internally; the struct name is used in the public API
  * (where it is exposed as a different typedef) */
 typedef struct secp256k1_scratch_space_struct {
+    unsigned char magic[8];
     void *data;
     void *current_frame;
     size_t offset[SECP256K1_SCRATCH_MAX_FRAMES];
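Review bot: The new `magic` field has no comment saying what it holds or which code checks it, and its value is spelled out as the literal `"scratch"` with a bare length `8` in six places in src/scratch_impl.h. I would add `/* "scratch\0" while the space is live, zeroed by secp256k1_scratch_destroy; compared on entry by the scratch functions */` above the field. Defining the value once and using `sizeof(scratch->magic)` as the length in the `memcpy`/`memcmp` calls would keep the array size and the comparisons from drifting apart. The rest of the struct lies outside this hunk.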
diff --git a/src/scratch_impl.h b/src/scratch_impl.h
index d28471987c599..f62afbfd68fb3 100644
--- a/src/scratch_impl.h
+++ b/src/scratch_impl.h
@@ -14,6 +14,7 @@ static secp256k1_scratch* secp256k1_scratch_create(const secp256k1_callback* err
     secp256k1_scratch* ret = (secp256k1_scratch*)checked_malloc(error_callback, sizeof(*ret));
     if (ret != NULL) {
         memset(ret, 0, sizeof(*ret));
+        memcpy(ret->magic, "scratch", 8);
         ret->data = (secp256k1_scratch*)checked_malloc(error_callback, max_size);
         ret->max_size = max_size;
     }
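Review bot: The magic is written by `memcpy(ret->magic, "scratch", 8);` before the `checked_malloc` for `ret->data` on the next line, and nothing visible checks that second allocation, so a scratch space whose `data` is NULL would still carry a valid magic and pass every check this patch adds. If `checked_malloc` can return NULL here (the `ret != NULL` test suggests it can), consider allocating `data` first, bailing out with `if (ret->data == NULL) { free(ret); return NULL; }`, and only then copying the magic, unless a zero `max_size` is meant to yield a usable object. The end of secp256k1_scratch_create is outside the hunk, so a later check may already exist.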
@@ -23,6 +24,10 @@ static secp256k1_scratch* secp256k1_scratch_create(const secp256k1_callback* err
 static void secp256k1_scratch_destroy(secp256k1_scratch* scratch) {
     if (scratch != NULL) {
         VERIFY_CHECK(scratch->frame == 0);
+        if (memcmp(scratch->magic, "scratch", 8) != 0) {
+            return;
+        }
+        memset(scratch->magic, 0, sizeof(scratch->magic));
         free(scratch->data);
         free(scratch);
     }
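Review bot: The `memset(scratch->magic, 0, sizeof(scratch->magic));` is followed directly by `free(scratch)`, so an optimizing compiler may treat it as a dead store and remove it, leaving the magic intact in the freed block and the use-after-destroy check ineffective. Clearing through a volatile pointer, e.g. `volatile unsigned char *m = scratch->magic;` followed by a byte loop, would make the store stick. Also, `VERIFY_CHECK(scratch->frame == 0)` reads the struct before the magic is compared; the same order appears in secp256k1_scratch_allocate_frame and secp256k1_scratch_deallocate_frame (their `VERIFY_CHECK`s) and in secp256k1_scratch_alloc (`size_t frame = scratch->frame - 1;`), and the magic comparison should come first in each. Even then a check on a destroyed scratch reads freed memory, so a comment should describe it as a best-effort diagnostic rather than a guarantee.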
@@ -31,6 +36,9 @@ static void secp256k1_scratch_destroy(secp256k1_scratch* scratch) {
 static size_t secp256k1_scratch_max_allocation(const secp256k1_scratch* scratch, size_t objects) {
     size_t i = 0;
     size_t allocated = 0;
+    if (memcmp(scratch->magic, "scratch", 8) != 0) {
+        return 0;
+    }
     for (i = 0; i < scratch->frame; i++) {
         allocated += scratch->frame_size[i];
     }
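Review bot: Returning 0 on a magic mismatch at the top of secp256k1_scratch_max_allocation is indistinguishable from a valid scratch space with no room left, so a caller passing a destroyed or corrupted scratch gets no signal of the misuse. The same holds for the `return 0` in secp256k1_scratch_allocate_frame and the `return NULL` in secp256k1_scratch_alloc, while secp256k1_scratch_destroy and secp256k1_scratch_deallocate_frame return silently. Consider reporting the mismatch, for example through the error callback passed to secp256k1_scratch_create if the struct can retain it (not visible in this patch). At minimum each function's comment should state that an invalid scratch yields the failure value. The function body continues past the end of this hunk.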
@@ -43,6 +51,10 @@ static size_t secp256k1_scratch_max_allocation(const secp256k1_scratch* scratch,
 static int secp256k1_scratch_allocate_frame(secp256k1_scratch* scratch, size_t n, size_t objects) {
     VERIFY_CHECK(scratch->frame < SECP256K1_SCRATCH_MAX_FRAMES);
 
+    if (memcmp(scratch->magic, "scratch", 8) != 0) {
+        return 0;
+    }
+
     if (n <= secp256k1_scratch_max_allocation(scratch, objects)) {
         n += objects * ALIGNMENT;
         scratch->current_frame = scratch->data;
@@ -58,6 +70,11 @@ static int secp256k1_scratch_allocate_frame(secp256k1_scratch* scratch, size_t n
 
 static void secp256k1_scratch_deallocate_frame(secp256k1_scratch* scratch) {
     VERIFY_CHECK(scratch->frame > 0);
+
+    if (memcmp(scratch->magic, "scratch", 8) != 0) {
+        return;
+    }
+
     scratch->frame--;
     scratch->data = (void *) ((char *) scratch->data - scratch->frame_size[scratch->frame]);
 }
@@ -67,6 +84,10 @@ static void *secp256k1_scratch_alloc(secp256k1_scratch* scratch, size_t size) {
     size_t frame = scratch->frame - 1;
     size = ROUND_TO_ALIGN(size);
 
+    if (memcmp(scratch->magic, "scratch", 8) != 0) {
+        return NULL;
+    }
+
     if (scratch->frame == 0 || size + scratch->offset[frame] > scratch->frame_size[frame]) {
         return NULL;
     }