On 07/27/13 10:21, Barry Steyn wrote: > This was recently brought to my attention by a someone who used a C code > checking tool. The issue that was reported was a possible double close of the > readfrom stream in the file scrypt/scrypt-1.1.6/lib/util/readpass.c > > You can view the diff that was suggested below. > > https://github.com/mscdex/node-scrypt/commit/8e489e8b7a1d7c42b99b0ee10e239ee16ebde76b
Yes, that's quite correct -- I've already made that change in my libcperciva tree and will be merging it into my scrypt tree soon. -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid
