commit 4e5e245263b054e369af95786c8353f3e5ec26f8
parent 75cb89b90d7913f80a35dcab45c548c16dd6990d
Author: Florian Dold <florian@dold.me>
Date: Fri, 5 Sep 2025 00:02:12 +0200
util: fix overflow in IBAN check digit computation
The overflow only manifested with IBANs that contain a large number of
non-digit characters. For such IBANs, nbuf is longer, and the
following computation overflowed on the second loop iteration:
dividend += remainder * (pow (10, nread));
Diffstat:
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/util/iban.c b/src/util/iban.c
@@ -288,13 +288,13 @@ TALER_iban_validate (const char *iban)
}
GNUNET_assert (sizeof(dividend) >= 8);
remainder = 0;
- for (unsigned int i = 0; i<j; i += 16)
+ for (unsigned int i = 0; i<j; i += 9)
{
int nread;
if (1 !=
sscanf (&nbuf[i],
- "%16llu %n",
+ "%9llu %n",
÷nd,
&nread))
{