Re: Buffer overflow in gnutls-serv http code

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Buffer overflow in gnutls-serv http code

From:	Nikos Mavrogiannopoulos
Subject:	Re: Buffer overflow in gnutls-serv http code
Date:	Sun, 05 Dec 2010 10:39:09 +0100
User-agent:	Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.15) Gecko/20101027 Thunderbird/3.0.10

On 12/02/2010 03:24 PM, Tomas Mraz wrote:
> The gnutls-serv uses fixed allocated buffer for the response which can
> be pretty long if a client certificate is presented to it and the http
> header is large. This causes buffer overflow and heap corruption which
> then leads to random segfaults or aborts.
> 
> It was reported originally here:
> https://bugzilla.redhat.com/show_bug.cgi?id=659259
> 
> The attached patch changes sprintf calls in peer_print_info() to
> snprintf so the buffer is never overflowed.

Thank you. Applied.

regards,
Nikos

[Prev in Thread]

Current Thread

[Next in Thread]

Buffer overflow in gnutls-serv http code, Tomas Mraz, 2010/12/02
- Re: Buffer overflow in gnutls-serv http code, Nikos Mavrogiannopoulos <=
- Re: Buffer overflow in gnutls-serv http code, Simon Josefsson, 2010/12/07
  - Re: Buffer overflow in gnutls-serv http code, Tomas Mraz, 2010/12/07
    - Re: Buffer overflow in gnutls-serv http code, Simon Josefsson, 2010/12/13

Prev by Date: [sr #107540] iPhone/iPad TLS negotiation to postfix fails with certtool certs, works with openssl certs
Next by Date: Re: common.c and getpass.c and thread safety, zeroization
Previous by thread: Buffer overflow in gnutls-serv http code
Next by thread: Re: Buffer overflow in gnutls-serv http code
Index(es):
- Date
- Thread