Bug#505279: libgnutls26: segfault in _gnutls_x509_crt_get_raw_dn2

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Wed Nov 12 14:37:35 CET 2008


On Wed, Nov 12, 2008 at 12:15 PM, Simon Josefsson <simon at josefsson.org> wrote:

>> You mean just removing this code snippet instead of moving it?
>>
>>   /* Check if the last certificate in the path is self signed.
>>    * In that case ignore it (a certificate is trusted only if it
>>    * leads to a trusted party by us, not the server's).
>>    */
>>   if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
>>                                    certificate_list[clist_size - 1]) > 0
>>       && clist_size > 0)
>>     {
>>       clist_size--;
>>     }
>
> Yes.
>
>> Yes, this works. However, I wonder whether this code has any use.
> Getting Nikos' comment on this would be useful.  I guess we have two
> choices:
>
> 1) Remove the code.  Fixes both crash and vulnerability.

My suggestion is to remove the offending code.

regards,
Nikos





More information about the Gnutls-devel mailing list