hs: bad use of sizeof() in encode_establish_intro_cell_legacy
Found by clang analysis:
r = crypto_pk_private_sign_digest(intro_key, cell_body_out+len,
sizeof(cell_body_out)-len,
cell_body_out, len);
The sizeof()
here is wrong because cell_body_out
is a pointer. However, we've been saved by the fact that this length is not used by the crypto_pk_private_sign_digest()
call except for an assert.
This was introduced by a refactoring which went from having the body on the stack to a pointer as a function parameter.