gnutls-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 2.5.7 gnutls_x509_privkey_generate() returns GNUTLS_E_INVALID_REQUES

From: Nikos Mavrogiannopoulos
Subject: Re: 2.5.7 gnutls_x509_privkey_generate() returns GNUTLS_E_INVALID_REQUEST
Date: Sat, 20 Sep 2008 14:12:22 +0300
User-agent: Thunderbird 2.0.0.16 (X11/20080724) 
Simon Josefsson wrote:

>> // . . .
>>
>>  if (resarr && resarr_len && *resarr_len > params.params_nr)
>>                              ===========
>>
>> Looks like *resarr_len points to uninitialized memory at this
>> point. gnutls_x509_privkey_generate() never initialized params_len, as
>> far as I can tell.
> 
> Thanks for analysis, I guess it broke during the crypto.h conversion.
> How about this patch?
> 
> diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
> index 82408c6..e5e6de3 100644
> --- a/lib/x509/privkey.c
> +++ b/lib/x509/privkey.c
> @@ -1316,7 +1316,7 @@ gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
>                             unsigned int flags)
>  {
>    int ret;
> -  unsigned int params_len;
> +  unsigned int params_len = MAX_PRIV_PARAMS_SIZE;
>    unsigned int i;
>  
>    if (key == NULL)
> 
> Nikos, do you think this is correct?

Yes, indeed!

regards,
Nikos
reply via email to
[Prev in Thread] Current Thread [Next in Thread]