Hi. It looks like ProgressiveHashInputStream passes through data without verifying it, then throws afterwards. This allows corrupt data through to fproxy, or possibly even through a full request chain, causing significant damage. IMHO we want to buffer the unverified chunk until it has been verified. Comments? -- Matthew Toseland [EMAIL PROTECTED] [EMAIL PROTECTED] Freenet/Coldstore open source hacker. Employed full time by Freenet Project Inc. from 11/9/02 to 11/11/02.
msg04306/pgp00000.pgp
Description: PGP signature
