[SCM] GNU gnutls branch, new, updated. gnutls_2_9

gnutls-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-117-gdcca9af

From:	Nikos Mavrogiannopoulos
Subject:	[SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-117-gdcca9af
Date:	Sun, 23 May 2010 17:43:06 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=dcca9af0ed19e13a8de63202a21a3027e16e80e9

The branch, new has been updated
       via  dcca9af0ed19e13a8de63202a21a3027e16e80e9 (commit)
       via  c60bb33dfe4982b1f574c0735559c2c47274c5d3 (commit)
      from  b5ea6dec45e1e2feb99cac7ff3b65d0f37377514 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit dcca9af0ed19e13a8de63202a21a3027e16e80e9
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun May 23 19:42:14 2010 +0200

    Corrected nicely hidden bug that caused accesses to uninitialized variables
    if the gcry_mpi_print() functions were pessimists and returned more size 
than
    actually needed for the print.

commit c60bb33dfe4982b1f574c0735559c2c47274c5d3
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun May 23 19:23:31 2010 +0200

    Added some sanity checks.

-----------------------------------------------------------------------

Summary of changes:
 lib/auth_dh_common.c |    9 ++++++---
 lib/gcrypt/mpi.c     |    7 ++++++-
 lib/gcrypt/pk.c      |   10 ++++++++--
 lib/gnutls_mpi.c     |    2 --
 4 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/lib/auth_dh_common.c b/lib/auth_dh_common.c
index c1c62d8..178572c 100644
--- a/lib/auth_dh_common.c
+++ b/lib/auth_dh_common.c
@@ -95,7 +95,7 @@ _gnutls_proc_dh_common_client_kx (gnutls_session_t session,
     {
       ret = _gnutls_mpi_dprint (session->key->KEY, &session->key->key);
     }
-  else                         /* In DHE_PSK the key is set differently */
+  else /* In DHE_PSK the key is set differently */
     {
       gnutls_datum_t tmp_dh_key;
       ret = _gnutls_mpi_dprint (session->key->KEY, &tmp_dh_key);
@@ -176,7 +176,7 @@ _gnutls_gen_dh_common_client_kx (gnutls_session_t session, 
opaque ** data)
     {
       ret = _gnutls_mpi_dprint (session->key->KEY, &session->key->key);
     }
-  else                         /* In DHE_PSK the key is set differently */
+  else /* In DHE_PSK the key is set differently */
     {
       gnutls_datum_t tmp_dh_key;
       ret = _gnutls_mpi_dprint (session->key->KEY, &tmp_dh_key);
@@ -363,7 +363,10 @@ _gnutls_dh_common_print_server_kx (gnutls_session_t 
session,
 
   _gnutls_write_uint16 (n_X, &pdata[pos]);
 
-  ret = data_size;
+  /* do not use data_size. _gnutls_mpi_print() might
+   * have been pessimist and might have returned initially
+   * more data */
+  ret = n_g + n_p + n_X + 6;
 
   return ret;
 }
diff --git a/lib/gcrypt/mpi.c b/lib/gcrypt/mpi.c
index 6adbb1b..9ae2752 100644
--- a/lib/gcrypt/mpi.c
+++ b/lib/gcrypt/mpi.c
@@ -78,7 +78,12 @@ wrap_gcry_mpi_print (const bigint_t a, void *buffer, size_t 
* nbytes,
   ret = gcry_mpi_print (format, buffer, *nbytes, nbytes, a);
   if (!ret) {
     if (buffer==NULL || init_bytes < *nbytes) {
-      (*nbytes)++;
+
+      /* in STD format we may want to include
+        * an extra byte for zero. Sometimes the gcry_
+        * function doesn't add it.
+        */
+      if (format == GNUTLS_MPI_FORMAT_STD) (*nbytes)++; 
       return GNUTLS_E_SHORT_MEMORY_BUFFER;
     }
     return 0;
diff --git a/lib/gcrypt/pk.c b/lib/gcrypt/pk.c
index 84fedfe..593c6e6 100644
--- a/lib/gcrypt/pk.c
+++ b/lib/gcrypt/pk.c
@@ -629,6 +629,12 @@ _rsa_generate_params (bigint_t * resarr, int *resarr_len, 
int bits)
   gcry_sexp_t parms, key, list;
   bigint_t tmp;
 
+  if (*resarr_len < RSA_PRIVATE_PARAMS)
+    {
+      gnutls_assert();
+      return GNUTLS_E_INTERNAL_ERROR;
+    }
+
   ret = gcry_sexp_build (&parms, NULL, "(genkey(rsa(nbits %d)))", bits);
   if (ret != 0)
     {
@@ -736,10 +742,10 @@ _rsa_generate_params (bigint_t * resarr, int *resarr_len, 
int bits)
        }
 
   /* [6] = d % p-1, [7] = d % q-1 */
-  _gnutls_mpi_sub_ui(tmp, resarr[3], 1);
+  _gnutls_mpi_sub_ui(tmp, resarr[3]/*p*/, 1);
   resarr[6] = _gnutls_mpi_mod(resarr[2]/*d*/, tmp);
 
-  _gnutls_mpi_sub_ui(tmp, resarr[4], 1);
+  _gnutls_mpi_sub_ui(tmp, resarr[4]/*q*/, 1);
   resarr[7] = _gnutls_mpi_mod(resarr[2]/*d*/, tmp);
 
   _gnutls_mpi_release(&tmp);
diff --git a/lib/gnutls_mpi.c b/lib/gnutls_mpi.c
index 9850108..b3d5760 100644
--- a/lib/gnutls_mpi.c
+++ b/lib/gnutls_mpi.c
@@ -256,8 +256,6 @@ _gnutls_mpi_dprint_size (const bigint_t a, gnutls_datum_t * 
dest, size_t size)
   if (buf == NULL)
     return GNUTLS_E_MEMORY_ERROR;
 
-  dest->size = MAX (size, bytes);
-
   if (bytes <= size)
     {
       size_t diff = size - bytes;


hooks/post-receive
-- 
GNU gnutls

[Prev in Thread]

Current Thread

[Next in Thread]

[SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-117-gdcca9af, Nikos Mavrogiannopoulos <=

Prev by Date: Hydra job gnu:gnutls-master:tarball build 416189: Failed with non-zero exit code
Next by Date: [SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-119-g520827b
Previous by thread: Hydra job gnu:gnutls-master:tarball build 416189: Failed with non-zero exit code
Next by thread: [SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-119-g520827b
Index(es):
- Date
- Thread