[gnutls-dev] bugreport: segmentation fault in gnutls_certificate_set_x509_crl()
simon at josefsson.org
Wed Dec 27 09:32:53 CET 2006
Max Kellermann <max at duempel.org> writes:
> gnutls version 1.4.4 as well as the CVS head crash when a program uses
> gnutls_certificate_set_x509_crl(). In the for loop, it calls
> _gnutls_x509_crl_cpy() with new and uninitialized elements of the
> res->x509_crl_list array. This leads to a segmentation fault.
> I suggest adding gnutls_x509_crl_init() before each
> _gnutls_x509_crl_cpy() call.
Hi! Sorry for the slow response, I just returned from vacation.
I wrote a self-test for this, installed as
tests/certificate_set_x509_crl.c, but were unable to reproduce a
crash. However, the function is clearly wrong (and the self test
failed), and probably leads to a crash depending on uninitialized
values. Your suggestion indeed solves the problem. Fixed in CVS for
both 1.6.x and 1.7.x.
More information about the Gnutls-dev