[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnutls-dev] [PATCH] fix for a bug in gnutls_recv_handshake()
|
From: |
Guillaume Morin |
|
Subject: |
[gnutls-dev] [PATCH] fix for a bug in gnutls_recv_handshake() |
|
Date: |
Thu Jan 17 10:59:02 2002 |
|
User-agent: |
Mutt/1.3.25i |
Hi,
I made this patch for a problem I've been experiencing.
The details are in the Debian BTS http://bugs.debian.org/123616.
in STATE8, _gnutls_recv_handshake_header returns 0, but since malloc is
not called for this value, dataptr is unitialized. Here is the fix
(you'll note that I have forced its initialization what is not needed,
but since it hid the bug, I think it is cleaner...)
--- lib/gnutls_handshake.c.old Tue Jan 15 00:53:36 2002
+++ lib/gnutls_handshake.c Tue Jan 15 00:55:39 2002
@@ -865,7 +865,7 @@
{
int ret;
uint32 length32 = 0;
- opaque *dataptr;
+ opaque *dataptr = NULL;
HandshakeType recv_type;
ret = _gnutls_recv_handshake_header(state, type, &recv_type);
@@ -890,7 +890,7 @@
return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
}
- if (dataptr == NULL) {
+ if (dataptr == NULL && length32) {
gnutls_assert();
return GNUTLS_E_MEMORY_ERROR;
}
HTH.
PS: Please keep me CC'ed since I am not subscribed.
--
Guillaume Morin <address@hidden>
Debian - What your mom would use if it were twenty times easier.
http://www.copyleft.net/
- [gnutls-dev] [PATCH] fix for a bug in gnutls_recv_handshake(),
Guillaume Morin <=