Re: 2.5.7 gnutls_x509_privkey_generate() returns GNUTLS_E_INVALID_REQUES
From: Simon Josefsson
Subject: Re: 2.5.7 gnutls_x509_privkey_generate() returns GNUTLS_E_INVALID_REQUEST
Date: Wed, 17 Sep 2008 13:15:54 +0200
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/22.2 (gnu/linux)

Sam Varshavchik <address@hidden> writes:
> Simon Josefsson writes:
>
>> Sam Varshavchik <address@hidden> writes:
>>
>>> The following short test program runs when compiled against
>>> 2.4.0. Compiling it against 2.5.7 causes it to report a
>>> GNUTLS_E_INVALID_REQUEST from the second call to
>>> gnutls_x509_privkey_generate().
>>
>> I can't reproduce this, adding this somewhere:
>>
>> printf ("vers %s %s\n", LIBGNUTLS_VERSION, gnutls_check_version (NULL));
>>
>> Does print 2.5.7 for both, confirming that I really use 2.5.7. So it
>> seems something else is required to reproduce this. Can you try to
>> debug gnutls_x509_privkey_generate and see what happens?
>>
>> Does 'certtool -p' trigger the same problem for you?
>
> The bug seems to be easy to spot. I think this is it:
>
> int
> gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
> gnutls_pk_algorithm_t algo, unsigned int bits,
> unsigned int flags)
> {
> int ret;
> unsigned int params_len;
>
> // . . .
>
> ret = _gnutls_rsa_generate_params (key->params, &params_len, bits);
>
> This goes into:
>
> static int
> _generate_params (int algo, bigint_t *resarr, unsigned int *resarr_len,
> int bits)
>
> // . . .
>
> if (resarr && resarr_len && *resarr_len > params.params_nr)
> ===========
>
> Looks like *resarr_len points to uninitialized memory at this
> point. gnutls_x509_privkey_generate() never initialized params_len, as
> far as I can tell.

Thanks for the analysis, I guess it broke during the crypto.h conversion.
How about this patch?

diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index 82408c6..e5e6de3 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -1316,7 +1316,7 @@ gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
unsigned int flags)
{
int ret;
- unsigned int params_len;
+ unsigned int params_len = MAX_PRIV_PARAMS_SIZE;
unsigned int i;
if (key == NULL)
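
Review bot: the new initializer on params_len hard-codes MAX_PRIV_PARAMS_SIZE as the capacity, but nothing in this hunk ties that constant to the declared size of key->params, which is the array the callee fills. Two things to check before merging: that MAX_PRIV_PARAMS_SIZE is the real size of that array, and that it is strictly greater than the number of values generated, since the test quoted above is `*resarr_len > params.params_nr` and would still return GNUTLS_E_INVALID_REQUEST if the two were equal. A one-line comment that params_len is an in/out parameter (capacity on entry, count on return) would keep a later refactor from dropping the initializer again.
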
Nikos, do you think this is correct?
/Simon
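
Added example, not part of the original message and not GnuTLS code: a reduced model of the in/out length contract discussed in this thread, showing why the outcome depends on whatever value the length variable holds on entry. All `toy_*` / `TOY_*` names and sizes are hypothetical; the stale value is passed in explicitly so the demonstration itself has no undefined behaviour.

```c
#include <stddef.h>

#define TOY_E_INVALID_REQUEST (-50)  /* constructed stand-in error code */
#define TOY_RSA_PARAMS 6             /* assumed number of generated values */
#define TOY_MAX_PRIV_PARAMS 8        /* assumed capacity of the caller's array */

/* Callee: *resarr_len is in/out. On entry it is the caller's capacity,
 * on success it becomes the number of entries written. The comparison
 * mirrors the strict '>' quoted in the thread. */
static int toy_generate_params(long *resarr, unsigned int *resarr_len)
{
    unsigned int i;

    if (resarr == NULL || resarr_len == NULL
        || !(*resarr_len > TOY_RSA_PARAMS))
        return TOY_E_INVALID_REQUEST;
    for (i = 0; i < TOY_RSA_PARAMS; i++)
        resarr[i] = 1000 + (long)i;   /* placeholder values, not key material */
    *resarr_len = TOY_RSA_PARAMS;
    return 0;
}

/* Caller: with 'initialise' set, the capacity is stored before the call
 * (the shape of the proposed fix). Otherwise 'stale' models whatever an
 * uninitialized params_len happened to contain. */
static int toy_privkey_generate(int initialise, unsigned int stale,
                                unsigned int *written)
{
    long params[TOY_MAX_PRIV_PARAMS];
    unsigned int params_len = initialise ? TOY_MAX_PRIV_PARAMS : stale;
    int ret = toy_generate_params(params, &params_len);

    *written = (ret == 0) ? params_len : 0;
    return ret;
}

int main(void)
{
    unsigned int n;
    int small = toy_privkey_generate(0, 0, &n);           /* rejected */
    int large = toy_privkey_generate(0, 0xdeadbeefu, &n); /* passes by luck */
    int fixed = toy_privkey_generate(1, 0, &n);           /* always passes */

    return (small == TOY_E_INVALID_REQUEST && large == 0 && fixed == 0) ? 0 : 1;
}
```

A large stale value passes the check only because the callee trusts a capacity the caller never stated; a small one yields the invalid-request error from code that is otherwise correct.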