[gnutls-dev] thread safety issue in gnutls_certificate_verify_peers2()
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Fri Mar 10 18:24:11 CET 2006
On Thu 09 Mar 2006 22:05, Rupert Kittinger wrote:
> Hi everybody,
> Under heavy load, the server crashes reproducably in
> gnutls_certificate_verify_peers2(). After some debugging, I found the
> following:
> asn1_der_coding() seems to modify its first argument (ASN1_TYPE
> element) when encoding seuences or sets. e.g.
> case TYPE_SEQUENCE_OF: case TYPE_SET_OF:
> if(move!=UP){
> _asn1_ltostr(counter,temp);
> tlen = strlen(temp);
>
> if (tlen > 0)
> _asn1_set_value(p,temp,tlen+1);
> p=p->down;
> ...
Ouch! That's really bad. I'll try to take a look during the weekend.
Thanks for reporting it!
More information about the Gnutls-devel
mailing list