On Thu, Apr 19, 2012, Erik Tkal wrote:
The detailed analysis for CVE-2012-2110 implies issues with truncation,
specifically int vs long vs size_t. Is the problem limited to platforms
where these are different sizes? The analysis says not limited to I32LP64,
but does not rule out any platforms where it is not an issue. Can it occur
on ILP32 or ILP32LL64 platforms?
Yes: it isn't just limited to I32LP64.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org