[gnutls-devel] GnuTLS | OCSP: in several cases OID values contain null terminated byte (#805)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Sun Jul 21 09:03:25 CEST 2019
Nikos Mavrogiannopoulos created an issue:
The APIs in `lib/x509/ocsp*.c` rely on several cases on the fact that `_gnutls_x509_read_value` will incorrectly include the null terminated byte into the size for object identifier strings. This is sometimes reflected to exported APIs and thus a fix in the handling of the original function cannot happen without changing assumptions by user programs. The functions that are affected are:
I recommend to fix that deficiency in `_gnutls_x509_read_value` (see attached patch) in a minor release update (3.7.0), and document the change on the affected functions.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/805
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel