[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Security-discuss] handling integer overflows
From: |
Niels Möller |
Subject: |
Re: [Security-discuss] handling integer overflows |
Date: |
Sun, 01 Apr 2012 21:46:20 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.2 (usg-unix-v) |
Nikos Mavrogiannopoulos <address@hidden> writes:
> Do you mean the code for the safe multiplication/addition or the
> original code for parsing asn.1?
The overflow checks, in particular for multiplication. Maybe it's no
problem, but at least I find it somewhat unobvious if one should use <
or <= in the various comparisons, and I would have to think for a while
to figure it out.
(I don't have to think for the overflow test for unsigned addition. But
on the other hand, I'm *very* used to that test, from GMP work).
Regards,
/Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.