From 9da2ad7eba11b19ca72ce09c02b3b14a6d243b60 Mon Sep 17 00:00:00 2001
From: orbisai0security <mediratta01.pally@gmail.com>
Date: Thu, 16 Apr 2026 11:21:44 +0000
Subject: [PATCH] fix: V-002 security vulnerability

Automated security fix generated by Orbis Security AI
---
 crypto/secp256k1/libsecp256k1/src/secp256k1.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/crypto/secp256k1/libsecp256k1/src/secp256k1.c b/crypto/secp256k1/libsecp256k1/src/secp256k1.c
index a248519dfd..f10110e4c7 100644
--- a/crypto/secp256k1/libsecp256k1/src/secp256k1.c
+++ b/crypto/secp256k1/libsecp256k1/src/secp256k1.c
@@ -140,7 +140,12 @@ secp256k1_context* secp256k1_context_preallocated_create(void* prealloc, unsigne
 
 secp256k1_context* secp256k1_context_create(unsigned int flags) {
     size_t const prealloc_size = secp256k1_context_preallocated_size(flags);
-    secp256k1_context* ctx = (secp256k1_context*)checked_malloc(&default_error_callback, prealloc_size);
+    secp256k1_context* ctx;
+
+    if (prealloc_size == 0) {
+        return NULL;
+    }
+    ctx = (secp256k1_context*)checked_malloc(&default_error_callback, prealloc_size);
     if (EXPECT(secp256k1_context_preallocated_create(ctx, flags) == NULL, 0)) {
         free(ctx);
         return NULL;