Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> writes: > I just noticed that div_var_fast() has almost identical code, and so > in principle it has the same vulnerability, although it obviously only > affects the transcendental functions. > I don't actually have a test case that triggers it, but it's basically > the same algorithm, so logically it needs the same additional headroom > to avoid a possible overflow.
Hm, good point. I don't feel a compulsion to have a test case that proves it's broken before we fix it. Do you want to send a patch?