On Sat, 9 Aug 2025 at 21:22, Vegard Nossum <vegard.nossum@xxxxxxxxxx> wrote:
>
> The actual explanation is given in the email here:

Yeah, that should have been in the commit message somewhere.

And honestly, it should have been in the code too. Having very random
constants in header files with no explanation for them is not great.

> This is an anti-pattern of the crypto code that AFAICT ultimately stems
> from the removal of VLAs:

I'd say that it stems from using random sizes with no logic and the
VLAs were just the *previous* problem case of the same issue.

> As a minimal future-proofing fix, maybe we could add something like
>
> BUILD_BUG_ON(sizeof(struct md5_state) <= HASH_MAX_DESCSIZE);
>
> to every hashing algorithm, and/or a dynamic check in the crypto API
> (completely untested):

The dynamic check may be the right thing to do regardless, but when
fixing outright bugs, at least document what went wrong and why. Not
just "360 was too small for X, so it is now 361".

Linus
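
Added example, not part of the email above and not kernel code: a userspace C model of the two checks discussed in the thread, a compile-time size assertion and a dynamic check at registration. All `demo_*` / `DEMO_*` names and the struct layouts are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed state layouts; they stand in for per-algorithm hash state. */
struct demo_md5_state    { uint32_t hash[4]; uint32_t block[16]; uint64_t byte_count; };
struct demo_sha512_state { uint64_t state[8]; uint64_t count[2]; uint8_t buf[128]; };

/* The limit is derived from the largest state struct and says so here,
 * instead of being a bare number in a header with no explanation. */
#define DEMO_MAX_DESCSIZE sizeof(struct demo_sha512_state)

/* Compile-time check. Note the polarity: _Static_assert passes when the
 * condition holds, whereas the kernel's BUILD_BUG_ON() breaks the build
 * when its condition is true. */
_Static_assert(sizeof(struct demo_md5_state) <= DEMO_MAX_DESCSIZE,
               "md5 state exceeds DEMO_MAX_DESCSIZE");

struct demo_alg { const char *name; size_t descsize; };

#define DEMO_MAX_ALGS 8
static struct demo_alg demo_registry[DEMO_MAX_ALGS];
static size_t demo_nalgs;

/* Dynamic check: refuse any algorithm whose state would not fit in a
 * caller buffer sized by DEMO_MAX_DESCSIZE. Returns 0 on success, -1 if
 * the algorithm is rejected. */
int demo_register(const struct demo_alg *alg)
{
    if (!alg || !alg->name || alg->descsize == 0)
        return -1;
    if (alg->descsize > DEMO_MAX_DESCSIZE)
        return -1; /* would overflow buffers sized by the limit */
    if (demo_nalgs == DEMO_MAX_ALGS)
        return -1;
    demo_registry[demo_nalgs++] = *alg;
    return 0;
}

/* Convenience wrapper so callers can register by name and size. */
int demo_try(const char *name, size_t descsize)
{
    struct demo_alg alg = { name, descsize };
    return demo_register(&alg);
}
```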