[gnutls-devel] GnuTLS | Read Certificate Transparency (RFC 6962) SCT extension (!1367)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sat Mar 20 17:09:27 CET 2021
Ander Juaristi commented on a discussion on lib/x509/x509_ext.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1367#note_534039593
> + /* Timestamp */
> + if (length <= sizeof(uint64_t)) {
> + gnutls_assert();
> + ret = GNUTLS_E_PREMATURE_TERMINATION;
> + goto cleanup;
> + }
> +
> + sct->timestamp = (uint64_t) _gnutls_read_uint64(ptr);
> + ptr += sizeof(uint64_t);
> + length -= sizeof(uint64_t);
> +
> + /*
> + * There are no extensions defined in SCT v1.
> + * Check that there are actually no extensions - the following two bytes should be zero.
> + */
> + if (*ptr != 0 || *(ptr+1) != 0) {
I've rewritten it as:
```c
if (length < 2 || *ptr != 0 || *(ptr+1) != 0) {
gnutls_assert();
ret = GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH;
goto cleanup;
}
```
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1367#note_534039593
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210320/6991381f/attachment.html>
More information about the Gnutls-devel
mailing list