tolen_asserts 473 B

123456789
  1. o Major bugfixes (security)
  2. - Fix a heap overflow bug where an adversary could cause heap
  3. corruption. Since the contents of the corruption would need to be
  4. the output of an RSA decryption, we do not think this is easy to
  5. turn in to a remote code execution attack, but everybody should
  6. upgrade anyway. Found by debuger. Bugfix on 0.1.2.10-rc.
  7. o Defensive programming
  8. - Introduce output size checks on all of our decryption functions.