Re: [gnutls-dev] more than one trusted certificate

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnutls-dev] more than one trusted certificate - buffer overflow

From:	Max Kellermann
Subject:	Re: [gnutls-dev] more than one trusted certificate - buffer overflow
Date:	Fri, 10 Feb 2006 12:45:17 +0100
User-agent:	Mutt/1.5.9i

On 2006/02/01 17:36, Nikos Mavrogiannopoulos <address@hidden> wrote:
> On Wednesday 01 February 2006 14:38, Max Kellermann wrote:
> 
> > You might need a lot of fantasy to imagine a remote exploit for this
> > buffer overflow, but the fact that this bug exists, shows that nobody
> > has ever tried to load more than one trusted certificate into
> > libgnutls...
> 
> That's not true :) The most uses of gnutls use the _file() function 
> which uses the pem parser. That one seems to work.

Which of the two cited statements did you mean with "not true"?

The _file() functions do not allow to add two .pem files, which
renders them useless for my application.

Max

[Prev in Thread]

Current Thread

[Next in Thread]

[gnutls-dev] more than one trusted certificate - buffer overflow, Max Kellermann, 2006/02/01
- Re: [gnutls-dev] more than one trusted certificate - buffer overflow, Nikos Mavrogiannopoulos, 2006/02/01
- Re: [gnutls-dev] more than one trusted certificate - buffer overflow, Nikos Mavrogiannopoulos, 2006/02/01
  - Re: [gnutls-dev] more than one trusted certificate - buffer overflow, Max Kellermann <=

Prev by Date: [gnutls-dev] GnuTLS 1.3.4 - Experimental - Security release
Next by Date: [gnutls-dev] Re: Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release
Previous by thread: Re: [gnutls-dev] more than one trusted certificate - buffer overflow
Next by thread: [gnutls-dev] Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release
Index(es):
- Date
- Thread