Buffer overflow in gnutls-serv http code
nmav at gnutls.org
Sun Dec 5 10:39:09 CET 2010
On 12/02/2010 03:24 PM, Tomas Mraz wrote:
> The gnutls-serv uses fixed allocated buffer for the response which can
> be pretty long if a client certificate is presented to it and the http
> header is large. This causes buffer overflow and heap corruption which
> then leads to random segfaults or aborts.
> It was reported originally here:
> The attached patch changes sprintf calls in peer_print_info() to
> snprintf so the buffer is never overflowed.
Thank you. Applied.
More information about the Gnutls-devel