Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
sign/ed25519: Verify signatures are minimum length
The ed25519 signature verification code does not check that the signature is a minimum/correct length. As a result, if the signature is too short, libsodium will end up reading a few bytes out of bounds. Reported-by: Demi Marie Obenour <demi@invisiblethingslab.com> Co-authored-by: Demi Marie Obenour <demi@invisiblethingslab.com> Closes: GHSA-gqf4-p3gv-g8vw
- Loading branch information