proper handling of the random bytes buffer and avoids potential memory issues

prolic · prolic · commit e92877a97d40 · 2024-10-01T20:06:42.000-04:00
diff --git a/src/Crypto/Secp256k1.hs b/src/Crypto/Secp256k1.hs
@@ -756,7 +756,9 @@ schnorrSign mGen KeyPair{..} bs
         lift $ do
             sigBuf <- mallocBytes 64
             randomPtr <- case mGen of
-                Just gen -> fmap castPtr $ BS.useAsCString (BS.pack $ Prelude.take 32 $ randoms gen) return
+                Just gen -> do
+                    let randomBytes = BS.pack $ Prelude.take 32 $ randoms gen
+                    BS.useAsCStringLen randomBytes $ \(ptr, _) -> pure $ castPtr ptr
                 Nothing -> pure nullPtr
             ret <- Prim.schnorrsigSign ctx sigBuf msgHashPtr keyPairPtr randomPtr
             if isSuccess ret
