aboutsummaryrefslogtreecommitdiff
path: root/src/assumptions.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/assumptions.h')
-rw-r--r--src/assumptions.h8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/assumptions.h b/src/assumptions.h
index f9d4e8e793..77204de2b8 100644
--- a/src/assumptions.h
+++ b/src/assumptions.h
@@ -7,6 +7,8 @@
#ifndef SECP256K1_ASSUMPTIONS_H
#define SECP256K1_ASSUMPTIONS_H
+#include <limits.h>
+
#include "util.h"
/* This library, like most software, relies on a number of compiler implementation defined (but not undefined)
@@ -19,7 +21,11 @@ struct secp256k1_assumption_checker {
allowed. */
int dummy_array[(
/* Bytes are 8 bits. */
- CHAR_BIT == 8 &&
+ (CHAR_BIT == 8) &&
+
+ /* No integer promotion for uint32_t. This ensures that we can multiply uintXX_t values where XX >= 32
+ without signed overflow, which would be undefined behaviour. */
+ (UINT_MAX <= UINT32_MAX) &&
/* Conversions from unsigned to signed outside of the bounds of the signed type are
implementation-defined. Verify that they function as reinterpreting the lower