If neither ENDIAN_BIG nor ENDIAN_LITTLE is defined, the following code is executed in fp_read_unsigned_bin
#else
/* read the bytes in */
for (; c > 0; c--) {
fp_mul_2d (a, 8, a);
a->dp[0] |= *b++;
a->used += 1;
}
#endif
This will overflow a->dp array if c is large enough. I implemented a local change by having fp_read_unsigned_bin return a failure status in such case but I see now that the code above seems to truncate the input.
sjaeckel
commented
7 years ago
If neither ENDIAN_BIG nor ENDIAN_LITTLE is defined, the following code is executed in fp_read_unsigned_bin
This will overflow a->dp array if c is large enough. I implemented a local change by having fp_read_unsigned_bin return a failure status in such case but I see now that the code above seems to truncate the input.