Re: Security concern about open range integers (was: Question about: 4.1.1 Integer representation)

On 21 October 2013 14:03, Fred Akalin <> wrote:
> I'm not sure I see the problem. While decoding a varint, you have to keep
> track of amount to right-shift the low 7 bits of the next octet. You can
> then check if doing so would overflow 32 bits, and abort if so.

If you want to use all the 32 bits, then you have to check what bits are set.

The bigger problem is the extra 2^N-1 you are required to add (255 for
an 8-bit prefix), which will cause an overflow if you aren't careful.
Hence the tricky little mask I used...

Received on Monday, 21 October 2013 21:15:46 UTC