Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@exodus/elliptic
Advanced tools
@exodus/elliptic - npm Package Compare versions
Comparing version 6.4.1-precomputed to 6.4.1-precomputed.1
@@ -36,2 +36,8 @@ 'use strict'; | ||
| var octetLen = initial & 0xf; | ||
| // Indefinite length or overflow | ||
| if (octetLen === 0 || octetLen > 4) { | ||
| return false; | ||
| } | ||
| var val = 0; | ||
@@ -41,3 +47,10 @@ for (var i = 0, off = p.place; i < octetLen; i++, off++) { | ||
| val |= buf[off]; | ||
| val >>>= 0; | ||
| } | ||
| // Leading zeroes | ||
| if (val <= 0x7f) { | ||
| return false; | ||
| } | ||
| p.place = off; | ||
@@ -66,2 +79,5 @@ return val; | ||
| var len = getLength(data, p); | ||
| if (len === false) { | ||
| return false; | ||
| } | ||
| if ((len + p.place) !== data.length) { | ||
@@ -74,2 +90,5 @@ return false; | ||
| var rlen = getLength(data, p); | ||
| if (rlen === false) { | ||
| return false; | ||
| } | ||
| var r = data.slice(p.place, rlen + p.place); | ||
@@ -81,2 +100,5 @@ p.place += rlen; | ||
| var slen = getLength(data, p); | ||
| if (slen === false) { | ||
| return false; | ||
| } | ||
| if (data.length !== slen + p.place) { | ||
@@ -86,7 +108,17 @@ return false; | ||
| var s = data.slice(p.place, slen + p.place); | ||
| if (r[0] === 0 && (r[1] & 0x80)) { | ||
| r = r.slice(1); | ||
| if (r[0] === 0) { | ||
| if (r[1] & 0x80) { | ||
| r = r.slice(1); | ||
| } else { | ||
| // Leading zeroes | ||
| return false; | ||
| } | ||
| } | ||
| if (s[0] === 0 && (s[1] & 0x80)) { | ||
| s = s.slice(1); | ||
| if (s[0] === 0) { | ||
| if (s[1] & 0x80) { | ||
| s = s.slice(1); | ||
| } else { | ||
| // Leading zeroes | ||
| return false; | ||
| } | ||
| } | ||
@@ -93,0 +125,0 @@ |
| { | ||
| "name": "@exodus/elliptic", | ||
| "version": "6.4.1-precomputed", | ||
| "version": "6.4.1-precomputed.1", | ||
| "description": "EC cryptography", | ||
@@ -5,0 +5,0 @@ "main": "lib/elliptic.js", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.1%
473956
- Lines of code
- increased by0.28%
10178
No dependency changes