security-discuss
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Security-discuss] handling integer overflows


From: Niels Möller
Subject: Re: [Security-discuss] handling integer overflows
Date: Sun, 01 Apr 2012 21:46:20 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.2 (usg-unix-v)

Nikos Mavrogiannopoulos <address@hidden> writes:

> Do you mean the code for the safe multiplication/addition or the
> original code for parsing asn.1?

The overflow checks, in particular for multiplication. Maybe it's no
problem, but at least I find it somewhat unobvious if one should use <
or <= in the various comparisons, and I would have to think for a while
to figure it out.

(I don't have to think for the overflow test for unsigned addition. But
on the other hand, I'm *very* used to that test, from GMP work).

Regards,
/Niels


-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]