Hi. It looks like ProgressiveHashInputStream passes through data without
verifying it, then throws afterwards. This allows corrupt data through
to fproxy, or possibly even through a full request chain, causing
significant damage. IMHO we want to buffer the unverified chunk until it
has been verified. Comments?
--
Matthew Toseland
toad at amphibian.dyndns.org
amphibian at users.sourceforge.net
Freenet/Coldstore open source hacker.
Employed full time by Freenet Project Inc. from 11/9/02 to 11/11/02.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL:
<https://emu.freenetproject.org/pipermail/devl/attachments/20021011/7bff5c18/attachment.pgp>
