[gnutls-devel] GnuTLS | fix possible out-of-bounds access (!1699)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sun Feb 12 00:01:06 CET 2023
Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1699 was reviewed by Daiki Ueno
--
Daiki Ueno started a new discussion on src/serv.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1699#note_1275237476
> return NULL;
> len = ret;
> - http_buffer = realloc(http_buffer, len + data.size);
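Review bot: the removed `realloc` line assigned the result straight back to `http_buffer` and sized the request as `len + data.size` with no visible bound on either term. Whatever replaces it needs a NULL check through a temporary pointer, because otherwise a failed call leaks the old block and later writes go through NULL, and it needs a check that the sum cannot wrap. The replacement line is not part of this quote, so both should be confirmed there.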
Since this is a test program, I would simply use `xrealloc` from ["xalloc.h"](https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob_plain;f=modules/xalloc-die), which would cause the program to crash when allocation fails.
--
Daiki Ueno started a new discussion on src/serv.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1699#note_1275237477
> + *ret_length = len + data.size;
> + } else {
> + gnutls_free(http_buffer);
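Review bot: in the `else` branch, `*ret_length` is assigned only on the success side in the lines shown, so after `gnutls_free(http_buffer)` the caller's length keeps whatever value it held before. Set `*ret_length = 0` there and make sure the freed `http_buffer` is not returned or reused. The earlier quoted hunk on this file grows the same buffer with plain `realloc`, so the release here should be `free(http_buffer)` to match.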
`gnutls_free` should only be used on the memory area allocated with GnuTLS memory functions (e.g., `gnutls_malloc`, `gnutls_realloc`, etc.)
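
The two review points above (handle `realloc` failure, release with the allocator that made the block), shown for code that has to recover rather than abort as `xrealloc` does. This is an added example, not code from src/serv.c or the merge request; `append_chunk`, its NUL termination and the sample request bytes are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: append add_len bytes to a heap buffer that
 * currently holds *len bytes. Returns 0 on success, -1 on failure.
 * On failure the buffer is released with free(), the counterpart of
 * realloc(), and *buf / *len are reset so no stale state survives. */
static int append_chunk(char **buf, size_t *len,
                        const void *add, size_t add_len)
{
    char *tmp;

    /* Refuse sizes whose sum, plus one byte for the NUL, would wrap. */
    if (add_len >= SIZE_MAX - *len)
        goto fail;

    /* Keep the old pointer until the new one is known to be valid. */
    tmp = realloc(*buf, *len + add_len + 1);
    if (tmp == NULL)
        goto fail;              /* *buf is still allocated here */

    if (add_len > 0)
        memcpy(tmp + *len, add, add_len);
    *len += add_len;
    tmp[*len] = '\0';
    *buf = tmp;
    return 0;

fail:
    free(*buf);                 /* allocated by realloc(): use free() */
    *buf = NULL;
    *len = 0;
    return -1;
}

int main(void)
{
    char *req = NULL;
    size_t n = 0;

    /* Constructed sample input: a request arriving in two reads. */
    if (append_chunk(&req, &n, "GET ", 4) != 0 ||
        append_chunk(&req, &n, "/ HTTP/1.0", 10) != 0)
        return 1;
    printf("%zu bytes: %s\n", n, req);
    free(req);
    return 0;
}
```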