21 Mar
2025
21 Mar
'25
5:41 p.m.
karl3@writeme.com wrote: > > on line 2882 of gmp-impl.h in the feb 3 2025 development source of libgmp, lies an implementation of limb incrementation with nails. > > there is an unspoken constraint on this code. the incrementation must not exceed NUMB_MAX. if it does, invali-- > > but it looks like this function is mostly used for carries, constants equal to 1, and as part of pseudorandom number generation > > GMP_NUMB_MAX must be the maximum value for numbers in libgmp. This may be wh-- > > is it so clear? what is exactly clear? > - is the constraint clear? no this code is some of the most esoteric (and commonly used!) code there is > - is it clear that karl is stealing gnu code? no the gnu license advocates for code sharing > - is it clear that karl is influenced to find vulnerabilities and expose them to criminals without reporting them to devs or improving them, to such a strong degree that he finds things that aren't vulnerabilities yet and reports those? maybe here we could replace "criminals" with "immoral use" to rotate axes 90 degrees around different kinds of systems of law > > that third one is what is clear