coveralls
commented
1 month ago coverage: 91.141% (+0.001%) from 91.14% when pulling 59fb3a21523e6d791f9e8120be226f8be4421c1f on Rohde-Schwarz:fix/pqcrystals_hairtrigger into 2849ec74e772ffdceb18740fed27df9fe3689431 on randombit:master.
When unpack()-ing untrusted data (e.g. public keys or ciphertexts) it is possible that a debug assertion we made does not hold legitimately. The range check happens later in the deserialization steps.
Note that this only really becomes a problem when configuring
--with-debug-asserts --unsafe-terminate-on-asserts(as we do for sanitizer builds)This is a fix for: https://github.com/randombit/botan/pull/4375#issuecomment-2419381991.