On 6/17/25 00:31, NIIBE Yutaka via Gcrypt-devel wrote:
* cipher/pubkey-util.c (_gcry_pk_util_data_to_mpi): Remove bogus check
for VALUELEN.

NACK!  NACK!  NACK!

Those are checks for integer overflow.  (They may even be correct if VALUELEN is unsigned.)

If VALUELEN is a signed type, they are undefined behavior and need to be fixed, not removed.


-- Jacob


_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gcrypt-devel

Reply via email to