Bug#866964: Fwd: mpi_set_secure leads to heap corruption
Werner Koch
wk at gnupg.org
Tue Jul 4 16:06:09 UTC 2017
On Tue, 4 Jul 2017 03:05, gniibe at fsij.org said:
> Yes. While the patch is right, I followed the suggestion for less
> surprise.
The reason why it was falsely allocated as nlimbs is likely to save on
secure memory. Now that we auto-grow the secure memory this is not
needed and thus this simple and correct fix is sufficient.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20170704/097a03b7/attachment.sig>
More information about the Pkg-gnutls-maint
mailing list