9 Apr
2014
9 Apr
'14
5:32 p.m.
On Wed, 9 Apr 2014, Vasili I. Galchin
Ok .. I just scanned this .. but is this problem a "logic" bug in the OpenSSL C/C++ code or is a type correctness issue?
Thanks,
Vasili
It is a type error. Information sent in blocks over the Net should contain a sub-block containing the total length and also some internal checksum, which may or may not need to be cryptographically defended. The length sub-block likely would require some further information too. The famous Bitcoin malleability difficulty is an example of a block of information failing to have enough length fields/checksums. Like most, perhaps all, errors in type design, it is a logic bug at the design level, which might give a logic bug at the code level. oo--JS.