[gnutls-dev] more than one trusted certificate - buffer overflow

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Feb 1 17:36:12 CET 2006


On Wednesday 01 February 2006 14:38, Max Kellermann wrote:

> You might need a lot of fantasy to imagine a remote exploit for this
> buffer overflow, but the fact that this bug exists, shows that nobody
> has ever tried to load more than one trusted certificate into
> libgnutls...

That's not true :) The most uses of gnutls use the _file() function 
which uses the pem parser. That one seems to work.

-- 
Nikos Mavrogiannopoulos




More information about the Gnutls-devel mailing list