Unsound API in `secp256k1` allows use-after-free and invalid deallocation from safe code
Because of incorrect bounds on method Secp256k1::preallocated_gen_new it was possible to cause use-after-free from safe consumer code. It was also possible to "free" memory not allocated by the appropriate allocator. The method takes a place for storing the context as a mutable reference and returns context containing that reference. Because the code internally uses unsafe and the bounds were incorrect it was possible to create a context that outlived the …