[gnutls-devel] GnuTLS | Fix coverity in lib/ (!1092)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Thu Oct 10 18:10:26 CEST 2019
Nikos Mavrogiannopoulos started a new discussion on lib/record.c: https://gitlab.com/gnutls/gnutls/merge_requests/1092#note_228911231
> (int) _mbuffer_get_udata_size(decrypted));
> /* store the last valid sequence number. We don't use that internally but
> - * callers of gnutls_record_get_state() could take advantage of it. */
> - memcpy(&record_state->sequence_number, packet_sequence, 8);
> + * callers of gnutls_record_get_state() could take advantage of it.
> + *
> + * Coverity issue 1454647 suggest to use memmove() here instead of memcpy().
> + */
> + memmove(&record_state->sequence_number, packet_sequence, 8);
I do not see why is memmove being needed here. This is the DTLS case in which different buffers are being used. What if we introduce an assert for buffer difference instead?
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/1092#note_228911231
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel