secp256k1_fe_sqrt: Verify that the arguments don't alias.

diff --git a/src/field_impl.h b/src/field_impl.h
index 20428648af31299921fa0dc250e6951912178ec8..14456530181a0bf03c3cb46e464dd992face2b37 100644 (file)
--- a/src/field_impl.h
+++ b/src/field_impl.h
@@ -48,6 +48,8 @@ static int secp256k1_fe_sqrt(secp256k1_fe *r, const secp256k1_fe *a) {
     secp256k1_fe x2, x3, x6, x9, x11, x22, x44, x88, x176, x220, x223, t1;
     int j;
 
+    VERIFY_CHECK(r != a);
+
     /** The binary representation of (p + 1)/4 has 3 blocks of 1s, with lengths in
      *  { 2, 22, 223 }. Use an addition chain to calculate 2^n - 1 for each block:
      *  1, [2], 3, 6, 9, 11, [22], 44, 88, 176, 220, [223]