On 6/17/25 00:31, NIIBE Yutaka via Gcrypt-devel wrote:
* cipher/pubkey-util.c (_gcry_pk_util_data_to_mpi): Remove bogus check
for VALUELEN.
NACK! NACK! NACK!
Those are checks for integer overflow. (They may even be correct if
VALUELEN is unsigned.)
If VALUELEN is a signed type, they are undefined behavior and need to be
fixed, not removed.
-- Jacob
_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gcrypt-devel