[gnutls-devel] GnuTLS | Fix 32bit overflow issue in src/serv-args.def (!922)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Feb 11 12:37:36 CET 2019


Daiki Ueno started a new discussion on src/serv-args.def:

>  flag = {
>      name      = maxearlydata;
>      arg-type  = number;
> -    arg-range = "1->4294967296";
> +    arg-range = "1->4294967295";

Good catch.  I think `1->16384` would be sufficient here, because there is a protocol limit of plaintext size (in TLS 1.3, it is 2^14, excluding content type).

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/922#note_140082683
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190211/4c3bf621/attachment.html>


More information about the Gnutls-devel mailing list