Daniel Kahn Gillmor dkg at
Wed Sep 17 17:16:58 CEST 2008

On Wed 2008-09-17 07:30:55 -0400, Simon Josefsson wrote:

> Werner Koch <wk at> writes:
>> lib/gnutls_session_pack.c:
>>     gnutls_calloc (1, sizeof (gnutls_datum_t) * info->ncerts);
> This unpacks user-supplied data.  If the data were corrupt, it could
> overflow.  However, if an attacker could influence this data, all the
> security is gone anyway since it contains master secret keys.

When you say "user-supplied", do you mean the user running the local
GnuTLS process, or the user controlling the remote peer?

One concern is that an attacker could defeat the security provided by
the TLS layer by introducing arbitrary master secret keys.  But the
possibility of executing arbitrary code based on the contents of a
keyring is an entirely different threat, though, which it seems like
GnuTLS shouldn't be vulnerable to.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available
URL: </pipermail/attachments/20080917/9ff9831f/attachment.pgp>

More information about the Gnutls-devel mailing list