[gnutls-devel] Use of uninitialized data in gnutls_pubkey_deinit ?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Feb 20 16:49:09 CET 2013
On 02/20/2013 10:40 AM, Jaak Ristioja wrote:
> Please note that in lib/gnutls_pubkey.c in the definition of function
> gnutls_pubkey_init the "params" field of struct gnutls_pubkey_st is not
> explicitly initialized, but this field is used in gnutls_pubkey_deinit.
> Does the call to gnutls_calloc in gnutls_pubkey_init return a pointer to
> memory already initialized to zeroes?
yes, gnutls_calloc is guaranteed to initialize the allocated buffer to 0.
By default, gnutls_calloc is just set to libc's calloc(), which
initializes the buffer to 0.
If the library's user overrides the default memory management with
gnutls_global_set_mem_functions(), then gnutls_calloc calls the
configured gnutls_malloc function and then manually memset's the
contents of buffer to all zeros.
You can see this in lib/gnutls_mem.c and lib/gnutls_global.c
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1027 bytes
Desc: OpenPGP digital signature
More information about the Gnutls-devel