From c8ac14d9dcebf763698619117fb870f6a01fbf8d Mon Sep 17 00:00:00 2001
From: Jonas Nick <jonasd.nick@gmail.com>
Date: Wed, 6 Oct 2021 10:39:46 +0000
Subject: [PATCH] whitelist: fix SECP256K1_WHITELIST_MAX_N_KEYS constant

"MAX" should mean inclusive. And the whitelisting functions handled this
inconsistently.
---
 include/secp256k1_whitelist.h     | 2 +-
 src/modules/whitelist/main_impl.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/secp256k1_whitelist.h b/include/secp256k1_whitelist.h
index c536c11a7..c0dafd917 100644
--- a/include/secp256k1_whitelist.h
+++ b/include/secp256k1_whitelist.h
@@ -13,7 +13,7 @@
 extern "C" {
 #endif
 
-#define SECP256K1_WHITELIST_MAX_N_KEYS	256
+#define SECP256K1_WHITELIST_MAX_N_KEYS 255
 
 /** Opaque data structure that holds a parsed whitelist proof
  *
diff --git a/src/modules/whitelist/main_impl.h b/src/modules/whitelist/main_impl.h
index 5ce780d45..f16ea8451 100644
--- a/src/modules/whitelist/main_impl.h
+++ b/src/modules/whitelist/main_impl.h
@@ -144,7 +144,7 @@ int secp256k1_whitelist_signature_parse(const secp256k1_context* ctx, secp256k1_
     }
 
     sig->n_keys = input[0];
-    if (sig->n_keys >= MAX_KEYS || input_len != 1 + 32 * (sig->n_keys + 1)) {
+    if (sig->n_keys > MAX_KEYS || input_len != 1 + 32 * (sig->n_keys + 1)) {
         return 0;
     }
     memcpy(&sig->data[0], &input[1], 32 * (sig->n_keys + 1));