Re: [gnutls-dev] gnutls-0.3.2 bugs

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnutls-dev] gnutls-0.3.2 bugs

From:	Nikos Mavroyanopoulos
Subject:	Re: [gnutls-dev] gnutls-0.3.2 bugs
Date:	Thu Jan 17 14:02:01 2002

On Wed, 16 Jan 2002 00:35:00 +0100 Marc Huber <address@hidden> wrote:

> Trying to follow the instructions in src/README.srpcrypt I found that
> - _gnutls_sbase64_encode() doesn't NUL-terminate strings smaller than
>   4 byte, and probably does the wrong thing for longer strings (I
>   haven't done any in-depth auditing on this, so I might be wrong.)
> - _gnutls_get_random() tries to gnutls_free() a gcry_malloc()ed pointer
> - crypt_int() tries to free() a gnutls_malloc()ed pointer
> - read_conf_values(): _gnutls_sbase64_decode() doesn't allocate memory
>   on failure, so gnutls_free() shouldn't be called.
Thank you for the bug reports and the fixes. There is a long time since I've
tested srpcrypt thus bugs may exist. I'll try to find time to clean it
up.

> Cheers,
> Marc


-- 
Nikos Mavroyanopoulos
mailto:address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

[gnutls-dev] gnutls-0.3.2 bugs, Marc Huber, 2002/01/15
- Re: [gnutls-dev] gnutls-0.3.2 bugs, Nikos Mavroyanopoulos <=

Prev by Date: [gnutls-dev] [PATCH] fix for a bug in gnutls_recv_handshake()
Next by Date: Re: [gnutls-dev] [PATCH] fix for a bug in gnutls_recv_handshake()
Previous by thread: [gnutls-dev] gnutls-0.3.2 bugs
Next by thread: [gnutls-dev] [PATCH] fix for a bug in gnutls_recv_handshake()
Index(es):
- Date
- Thread