On 05/06/2014 02:00 PM, Xuelei Fan wrote:
Storing both int version and major/minor byte versions is a little bit redundancy. The update is significant. I will focus on the signed byte issue in this fix.
Yes, I get that. I've verified that you've covered all the version comparisons.
I was just wondering if accessor methods (or storing the values as ints) would make it less likely that the issue reoccurs in a different variant. But the new checkRecordVersion() probably covers that.
-- Florian Weimer / Red Hat Product Security Team