[gnutls-devel] GnuTLS | Fix matching of last key of a pkcs#11 token (!1560)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Mon Mar 21 10:27:39 CET 2022
Daiki Ueno started a new discussion on lib/pkcs11.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1560#note_881711609
> }
>
> if (current > list->key_ids_size)
> break;
I suspect this condition might have an off-by-one error (and might potentially cause an out-of-bounds write to the `list->key_ids` array in a hypothetical case, i.e., the second C_FindObjects returns more results than the first call does).
To make the loop invariant clear, maybe it could be merged into the `while` condition above, something like:
```c
while (pkcs11_find_objects
       (sinfo->module, sinfo->pks, &ctx, 1, &count) == CKR_OK
       && count == 1
       && current < list->key_ids_size) {
```
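The off-by-one raised in the message above, as an added example that is not part of the original email or of GnuTLS's code. It is a constructed model of a two-pass enumeration in which the second search returns more objects than the array was sized for; `mock_find`, `store`, `oob_writes` and both structs are assumed names, and the out-of-range store is counted rather than performed.

```c
#include <stddef.h>

/* Constructed stand-ins: a search yielding `available` ids, and the id list. */
struct mock_search { size_t available, next; };
struct key_list { unsigned key_ids[8]; size_t key_ids_size, oob_writes; };

static int mock_find(struct mock_search *s, unsigned *id, size_t *count)
{
    *count = s->next < s->available;    /* 1 while objects remain, else 0 */
    *id = 0x100u + (unsigned)s->next;
    s->next += *count;
    return 0;                           /* plays the role of CKR_OK */
}

/* Records, instead of performing, any store at or past key_ids_size. */
static void store(struct key_list *l, size_t idx, unsigned id)
{
    if (idx < l->key_ids_size) l->key_ids[idx] = id;
    else l->oob_writes++;
}

/* Second pass with the quoted check: tested after the store, using '>'. */
static void fill_check_after(struct key_list *l, struct mock_search *s)
{
    size_t current = 0, count; unsigned id;
    while (mock_find(s, &id, &count) == 0 && count == 1) {
        store(l, current++, id);
        if (current > l->key_ids_size)
            break;
    }
}

/* Second pass with the bound folded into the loop condition. */
static void fill_check_in_condition(struct key_list *l, struct mock_search *s)
{
    size_t current = 0, count; unsigned id;
    while (mock_find(s, &id, &count) == 0 && count == 1
           && current < l->key_ids_size)
        store(l, current++, id);
}

/* Array sized for `first` objects (at most 8); second search returns `second`. */
size_t oob_writes(int in_condition, size_t first, size_t second)
{
    struct key_list l = { {0}, first, 0 };
    struct mock_search s = { second, 0 };
    (in_condition ? fill_check_in_condition : fill_check_after)(&l, &s);
    return l.oob_writes;
}
```

With the array sized for 4 objects and 5 returned on the second pass, `oob_writes(0, 4, 5)` reports one store at index 4, while `oob_writes(1, 4, 5)` reports none.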