BBS:      TELESC.NET.BR
Assunto:  src/ssh/docs/audit-portability-vendor.md audit-rules-modules.mdsrc/ssh
De:       Deuc¨
Data:     Wed, 1 Apr 2026 18:56:38 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/6a24d477748fb0d4673927fe
Added Files:
	src/ssh/docs/audit-portability-vendor.md audit-rules-modules.md
Modified Files:
	src/ssh/TODO.md src/ssh/docs/audit-rules.md
Log Message:
Update RULES.md audit: all 9 findings fixed, clarify KBI ownership exception

Remove findings 1.1-1.3, 3.1, 6.1-6.2, 10.1-10.4 (all fixed in
8ead719912).  Reclassify Pointer Ownership from false CONFORMS to
CONFORMS-with-exception: the KBI API intentionally transfers allocation
ownership across the library boundary (app mallocs, library frees),
documented in deucessh-auth.h callback typedefs.

Add RULES.md audit for algorithm modules

4 findings in curve25519-sha256.c and hybrid-pq-kex.c: missing
overflow checks on server-side reply_sz computation and unchecked
sig_len narrowing to uint32_t. dh-gex-sha256.c has the correct
pattern. All other rules conform across 19 module source files.

Add module audit findings to TODO (items 170-173)

Overflow and narrowing issues in server-side KEX reply construction
in curve25519-sha256.c and hybrid-pq-kex.c. dh-gex-sha256.c has
the correct pattern to follow.

Add vendor portability audit (items 174-178)

3 serious findings in sntrup761.c, libcrux_mlkem768_sha3.h, and
mlkem768.c: undefined optblocker symbols (linker failure on non-x86/
arm64), __builtin_popcount without portable fallback, and
__BYTE_ORDER__ detection that silently breaks on non-GCC big-endian.
2 minor: __attribute__((unused)) warnings, #pragma once non-standard.

All affect platforms outside the current build matrix only.

Co-Authored-By: Claude Opus 4.6 (1M context) 
n
---
  mSynchronetn  hgVertrauen n hHome of Synchronet n gh[vert/cvs/bbs].synchro.net

-----------------------------------------------------------
[Voltar]