[gnutls-devel] GnuTLS | Two integer overflows in priority.c (#679)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Wed Jan 23 12:48:54 CET 2019
Looking at priority.c:1266. The macro REMOVE_TLS13_IN_LOOP seems wrong or at least the following code.
REMOVE_TLS13_IN_LOOP always 'continues' (jumps to the main loop) when `vers->tls13_sem` is set. That means that the following code
```
if (vers->tls13_sem)
have_tls13 = 1;
```
is never executed and thus `have_tls13` stays always 0. But `have_tls13` is also checked later...
Please review !
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/679#note_134092641
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190123/46ba43ae/attachment.html>
More information about the Gnutls-devel
mailing list