Fwd: mpi_set_secure leads to heap corruption
Werner Koch
wk at gnupg.org
Tue Jul 4 18:06:09 CEST 2017
On Tue, 4 Jul 2017 03:05, gniibe at fsij.org said:
> Yes. While the patch is right, I followed the suggestion for less
> surprise.
The reason why it was falsely allocated as nlimbs is likely to save on
secure memory. Now that we auto-grow the secure memory this is not
needed and thus this simple and correct fix is sufficient.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: </pipermail/attachments/20170704/097a03b7/attachment.sig>
More information about the Gcrypt-devel
mailing list