Re: [gnutls-dev] bugreport: segmentation fault in gnutls_certificate

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnutls-dev] bugreport: segmentation fault in gnutls_certificate_set

From:	Simon Josefsson
Subject:	Re: [gnutls-dev] bugreport: segmentation fault in gnutls_certificate_set_x509_crl()
Date:	Wed, 27 Dec 2006 09:32:53 +0100
User-agent:	Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.92 (gnu/linux)

Max Kellermann <address@hidden> writes:

> Hi,
>
> gnutls version 1.4.4 as well as the CVS head crash when a program uses
> gnutls_certificate_set_x509_crl().  In the for loop, it calls
> _gnutls_x509_crl_cpy() with new and uninitialized elements of the
> res->x509_crl_list array.  This leads to a segmentation fault.
>
> I suggest adding gnutls_x509_crl_init() before each
> _gnutls_x509_crl_cpy() call.

Hi!  Sorry for the slow response, I just returned from vacation.

I wrote a self-test for this, installed as
tests/certificate_set_x509_crl.c, but were unable to reproduce a
crash.  However, the function is clearly wrong (and the self test
failed), and probably leads to a crash depending on uninitialized
values.  Your suggestion indeed solves the problem.  Fixed in CVS for
both 1.6.x and 1.7.x.

/Simon

[Prev in Thread]

Current Thread

[Next in Thread]

[gnutls-dev] bugreport: segmentation fault in gnutls_certificate_set_x509_crl(), Max Kellermann, 2006/12/11
- Re: [gnutls-dev] bugreport: segmentation fault in gnutls_certificate_set_x509_crl(), Max Kellermann, 2006/12/13
- Re: [gnutls-dev] bugreport: segmentation fault in gnutls_certificate_set_x509_crl(), Simon Josefsson <=

Prev by Date: [gnutls-dev] Possible bug in GnuTLS AES/SHA1
Next by Date: Re: [gnutls-dev] generate_rdn_seq() collects CA's issuers, why?
Previous by thread: Re: [gnutls-dev] bugreport: segmentation fault in gnutls_certificate_set_x509_crl()
Next by thread: [gnutls-dev] generate_rdn_seq() collects CA's issuers, why?
Index(es):
- Date
- Thread