[gnutls-devel] GnuTLS | Tautological assertion in pkcs11-mock4.c never validates initialization flags (#1902)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Jun 9 19:05:43 CEST 2026
Issue created by swathipanneerselvam: https://gitlab.com/gnutls/gnutls/-/work_items/1902
## Description of problem:
In tests/pkcs11/pkcs11-mock4.c (added in MR !2041 for CVE-2025-9820), the assertion checking C_Initialize flags is a no-op due to C operator precedence:
```c
assert(!(init_args->flags & LOCK_FLAGS) != LOCK_FLAGS);
```
! binds tighter than !=, so this evaluates as (0 or 1) != LOCK_FLAGS — always true since LOCK_FLAGS is a multi-bit constant. The mock never actually validates the initialization behavior.
Fix should be either:
```c
assert(!(init_args->flags & LOCK_FLAGS));
```
or:
```c
assert((init_args->flags & LOCK_FLAGS) != LOCK_FLAGS);
```
## Version of gnutls used:
3.8.10
## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Amazon Linux 2023 (found while rebasing from c9s)
## How reproducible:
Always — the assertion is a compile-time tautology.
## Steps to Reproduce:
* Build gnutls 3.8.10 with the CVE-2025-9820 patch applied
* Run the pkcs11/long-label test
* Observe that the assertion in override_C_Initialize passes regardless of what flags the caller sets
## Actual results:
Assertion always passes. The mock accepts any combination of initialization flags without validating.
## Expected results:
Assertion should fail if the caller passes unexpected flags, validating the expected 3.8.10 C_Initialize behavior as the comment in the code describes.
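The precedence problem described in the issue can be checked by evaluating the three expressions over every combination of the low flag bits. This is an added example, not part of the original issue or of the GnuTLS test suite. It assumes `LOCK_FLAGS` is the OR of the two locking-related `C_Initialize` flags, and it passes the mask as a parameter (the helper names are hypothetical).

```c
#include <stdio.h>

/* Assumed values: the two locking-related C_Initialize flags from the
 * PKCS#11 headers. The page only says LOCK_FLAGS is a multi-bit constant;
 * defining it as both bits together is an assumption of this example. */
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x1UL
#define CKF_OS_LOCKING_OK 0x2UL
#define LOCK_FLAGS (CKF_LIBRARY_CANT_CREATE_OS_THREADS | CKF_OS_LOCKING_OK)

typedef int (*check_fn)(unsigned long flags, unsigned long mask);

/* Shape of the reported assertion: parsed as (!(flags & mask)) != mask. */
static int check_reported(unsigned long flags, unsigned long mask)
{
	return !(flags & mask) != mask;
}

/* First proposed fix: passes only when no lock flag is set. */
static int check_none_set(unsigned long flags, unsigned long mask)
{
	return !(flags & mask);
}

/* Second proposed fix: fails only when every lock flag is set. */
static int check_not_all_set(unsigned long flags, unsigned long mask)
{
	return (flags & mask) != mask;
}

/* Number of flag words in 0..7 that a check would reject (assert fails). */
static int count_rejected(check_fn check)
{
	int rejected = 0;
	for (unsigned long flags = 0; flags <= 7; flags++)
		if (!check(flags, LOCK_FLAGS))
			rejected++;
	return rejected;
}

int main(void)
{
	printf("flags reported none_set not_all_set\n");
	for (unsigned long flags = 0; flags <= 7; flags++)
		printf("0x%lx   %d        %d        %d\n", flags,
		       check_reported(flags, LOCK_FLAGS),
		       check_none_set(flags, LOCK_FLAGS),
		       check_not_all_set(flags, LOCK_FLAGS));
	printf("rejected: %d %d %d\n", count_rejected(check_reported),
	       count_rejected(check_none_set), count_rejected(check_not_all_set));
	return 0;
}
```

The reported form rejects none of the eight inputs, while the two proposed fixes reject different sets, so the choice between them depends on which `C_Initialize` behavior the mock is meant to enforce.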