[gnutls-devel] libtasn1 | ASN1.y functions can't be used twice in a process due to global variables (also there is no thread-safety) (#19)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Wed Jul 24 15:43:31 CEST 2019
Tim Rühsen created an issue:
- there is no global init (or deinit) function for libtasn1 to reset global variables after use
- global variables are accessed without locking -> no thread-safety
- calling asn1_parser2tree()/asn1_delete_structure() can only be done once due to global variable state
- that means fuzzing with libFuzzer is currently now possible
Just for fuzzing, there is a simple solution: adding a asn1_global_init() function to set all global variables to default values.
There yacc options like `%option reentrant`. But I assume that we need a session struct and alloc/free functions to achieve parallel parser operations. I'm not deep enough into yacc/flex to quickly make this up.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/issues/19
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel