[gnutls-devel] Use of gnutls_x509_trust_list_add_cas() function
Zaolin
zaolin at das-labor.org
Tue Apr 8 23:19:00 CEST 2014
Hi,
yesterday I browsed the code of gnutls and found some strange behaviour
in the check of a return value.The gnutls_x509_trust_list_add_cas
function returns the elements which has been added to the trust list.
/**
* gnutls_x509_trust_list_add_cas:
* @list: The structure of the list
* @clist: A list of CAs
* @clist_size: The length of the CA list
* @flags: should be 0.
*
* This function will add the given certificate authorities
* to the trusted list. The list of CAs must not be deinitialized
* during this structure's lifetime.
*
* Returns: The number of added elements is returned.
*
* Since: 3.0
**/
But in the whole gnutls code including the apps the return value is
checked like this:
ret = gnutls_x509_trust_list_add_cas
if( ret < 0 ) {
The return value of this function can never be negative as the
implementation shows. So it seems that this is a bug if I am right ?
I am thinking about catching all misused lines of code and submiting a
patch.
Regards Zaolin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140408/55a7aeec/attachment-0001.sig>
More information about the Gnutls-devel
mailing list