On Thu, 30 Mar 2023, Thorsten Glaser wrote: > On Thu, 30 Mar 2023, Damien Miller wrote: > > >> >+ return (uint64_t)1 << (c->block_size * 2); > >> > >> … this get an upper bound? This is UB for 256-bit blocksizes > >> at least… > > > >block sizes in struct sshcipher are in bytes, not bits > > Yes, exactly. > > 256 bit = 32 bytes; 32*2 = 64; (uint64_t)1 << 64 is UB. oops yes there are no 256-bit block ciphers specified for SSH anyway and none are likely to be specified any time soon; wide block ciphers are rare outside of storage encryption _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
