> please be patient
I'm not in a hurry. Like probably everyone else I have a fork repo where all changes are present. Just wanted to rely more on upstream in the future
> Unfortunately it takes time especially if backlog is huge
That is my point: if environment is more friendly, probably you would get more help in working through backlog
But, anyway, back to the patch: I recovered some of the context of my code, so here are the details
> I think this loop is overcomplicated. In all other places we assume that
> short read from grub_file_read means error.
This loop validates incorrect (or even bogus) signature format.
The format should be (simplified) |total len|subpack1|subpack2|....
Each subpacket has its own length specified as well
This loop tries to verify that the overall processed packet length match.
Since we we process arbitrary length here, I do not see a better approach
As for other concerns I commented in my previous reply to the patch.