Fix buffer overrun in mp_from_decimal("").

The loop over the input string assumed it could read _one_ byte safely before reaching the initial termination test.
2019-01-29 20:03:35 +00:00 · 2019-01-29 20:03:35 +00:00 · 6e7df89316
--- a/mpint.c
+++ b/mpint.c
@ -186,7 +186,7 @@ mp_int *mp_from_decimal_pl(ptrlen decimal)
    size_t words = bits / BIGNUM_INT_BITS + 1;

    mp_int *x = mp_make_sized(words);
-    for (size_t i = 0;; i++) {
+    for (size_t i = 0; i < decimal.len; i++) {
        mp_add_integer_into(x, x, ((char *)decimal.ptr)[i] - '0');

        if (i+1 == decimal.len)
--- a/test/cryptsuite.py
+++ b/test/cryptsuite.py
@ -155,6 +155,7 @@ class mpint(MyTestBase):
        decstr = '91596559417721901505460351493238411077414937428167'
        self.assertEqual(int(mp_from_decimal_pl(decstr)), int(decstr, 10))
        self.assertEqual(int(mp_from_decimal(decstr)), int(decstr, 10))
+        self.assertEqual(int(mp_from_decimal("")), 0)
        # For hex, test both upper and lower case digits
        hexstr = 'ea7cb89f409ae845215822e37D32D0C63EC43E1381C2FF8094'
        self.assertEqual(int(mp_from_hex_pl(hexstr)), int(hexstr, 16))