[gnutls-devel] GnuTLS | Two integer overflows in priority.c (#679)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Jan 23 12:48:54 CET 2019


Looking at priority.c:1266. The macro REMOVE_TLS13_IN_LOOP seems wrong or at least the following code.

REMOVE_TLS13_IN_LOOP always 'continues' (jumps to the main loop) when `vers->tls13_sem` is set. That means that the following code
```
			if (vers->tls13_sem)
				have_tls13 = 1;
```
is never executed and thus `have_tls13` stays always 0. But `have_tls13` is also checked later...

Please review !

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/679#note_134092641
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190123/46ba43ae/attachment.html>


More information about the Gnutls-devel mailing list