[gnutls-devel] GnuTLS | Fix coverity in lib/ (!1092)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Oct 14 20:06:37 CEST 2019




Nikos Mavrogiannopoulos started a new discussion on tests/buffer.c: https://gitlab.com/gnutls/gnutls/merge_requests/1092#note_230217008

> +		_gnutls_buffer_init(&str);
> +
> +		ret = _gnutls_buffer_append_data(&str, t->input, strlen(t->input));
> +		if (ret < 0)
> +			fail("_gnutls_buffer_append_str: %s\n", gnutls_strerror(ret));
> +
> +		ret = _gnutls_buffer_unescape(&str);
> +		if (ret < 0)
> +			fail("_gnutls_buffer_unescape: %s\n", gnutls_strerror(ret));
> +
> +		ret = _gnutls_buffer_append_data(&str, "", 1);
> +		if (ret < 0)
> +			fail("_gnutls_buffer_append_data: %s\n", gnutls_strerror(ret));
> +
> +		/* using malloc() instead of stack memory for better buffer overflow detection */
> +		output = gnutls_malloc(strlen(t->output) + 1);

what about an assert or some other check of the malloc value?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/1092#note_230217008
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20191014/31c5cb86/attachment-0001.html>


More information about the Gnutls-devel mailing list