[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[sr #107831] local 'len' in gnutls_x509_crt_get_key_id not initialized,
From: |
anonymous |
Subject: |
[sr #107831] local 'len' in gnutls_x509_crt_get_key_id not initialized, causing segmentation fault |
Date: |
Wed, 05 Oct 2011 18:45:12 +0000 |
User-agent: |
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 |
URL:
<http://savannah.gnu.org/support/?107831>
Summary: local 'len' in gnutls_x509_crt_get_key_id not
initialized, causing segmentation fault
Project: GnuTLS
Submitted by: None
Submitted on: Wed 05 Oct 2011 06:45:11 PM UTC
Category: Core library
Priority: 5 - Normal
Severity: 3 - Normal
Status: None
Privacy: Public
Assigned to: None
Originator Email: address@hidden
Open/Closed: Open
Discussion Lock: Any
Operating System: None
_______________________________________________________
Details:
With gnutls 3.0.3, certtool segfaults when I try to generate a self-signed
certificate. The problem is that
asn1_der_coding (crt->cert, "tbsCertificate.subjectPublicKeyInfo", NULL, &len,
NULL);
is called with len unitialized. Since len contains garbage, asn1_der_coding
thinks it is okay to write to the output buffer, which is NULL. The following
patch fixes the problem for me.
--- gnutls-3.0.3/lib/x509/x509.c.orig 2011-10-05 17:25:53.025852307 +0000
+++ gnutls-3.0.3/lib/x509/x509.c 2011-10-05 17:26:04.232713442 +0000
@@ -2283,7 +2283,7 @@
unsigned char *output_data,
size_t * output_data_size)
{
- int pk, result = 0, len;
+ int pk, result = 0, len = 0;
gnutls_datum_t pubkey;
if (crt == NULL)
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?107831>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
- [sr #107831] local 'len' in gnutls_x509_crt_get_key_id not initialized, causing segmentation fault,
anonymous <=