[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnutls-dev] [PATCH] gnutls_session_get_data overflow handling
From: |
Joe Orton |
Subject: |
[gnutls-dev] [PATCH] gnutls_session_get_data overflow handling |
Date: |
Tue, 29 Nov 2005 13:44:53 +0000 |
User-agent: |
Mutt/1.4.2.1i |
If called with a too-short buffer parameter, and a non-NULL data
parameter, gnutls_session_get_data returns zero for success, which I
think is counter-intuitive; on success one would expect that it has
actually filled in the buffer.
I'd propose changing it as per this entirely untested and uncompiled
patch (with apologies):
--- ./gnutls_session.c.overflow 2005-11-29 13:40:17.000000000 +0000
+++ ./gnutls_session.c 2005-11-29 13:41:44.000000000 +0000
@@ -48,17 +48,16 @@
gnutls_datum_t psession;
int ret;
- if (*session_data_size < SESSION_SIZE || session_data == NULL) {
+ if (session_data == NULL) {
*session_data_size = SESSION_SIZE;
- session_data = NULL; /* return with the new session_data_size value
*/
+ return 0;
}
+ if (*session_data_size < SESSION_SIZE)
+ return GNUTLS_E_SHORT_MEMORY_BUFFER;
+
if (session->internals.resumable == RESUME_FALSE)
return GNUTLS_E_INVALID_SESSION;
- /* just return the session size */
- if (session_data == NULL) {
- return 0;
- }
psession.data = session_data;
- [gnutls-dev] [PATCH] gnutls_session_get_data overflow handling,
Joe Orton <=