On Tue, Feb 21, 2023 at 03:07:00AM +0100, Theo Buehler wrote:
> By design of d2i, it's the caller's responsibility to check a DER object
> has been fully consumed. We read files from the disk, check hashes,
> parse and validate the DER we encounter, but we do not make sure that
> nothing follows th
On Tue, Feb 21, 2023 at 02:51:09AM +, Job Snijders wrote:
> ps. If there are 'bytes trailing garbage' on an *.mft discovered in the
> DIR_VALID storage area, would a more pristine version of the MFT in
> DIR_TEMP be ignored?
Yes. The whole point of the complicated dance in proc_parser_mft() is
On Tue, Feb 21, 2023 at 03:07:00AM +0100, Theo Buehler wrote:
> By design of d2i, it's the caller's responsibility to check a DER object
> has been fully consumed. We read files from the disk, check hashes,
> parse and validate the DER we encounter, but we do not make sure that
> nothing follows th
