Hello libiberty experts,
I don't see anything saying that sha1_process_block() has a size limit
on its input buffer, and if the length of the buffer is big (e.g.,
2^32 on a 64-bit machine) then this code won't correctly add a 64-bit
number to 64-bit number:
/* First increment the byte count. RFC 1321 specifies the possible
length of the file up to 2^64 bits. Here we only compute the
number of bytes. Do a double word increment. */
ctx->total[0] += len;
if (ctx->total[0] < len)
++ctx->total[1];
The above is at sha1.c around line 302.
regards,
Geoff Pike
