2.5.7 gnutls_x509_privkey_generate() returns GNUTLS_E_INVALID_REQUEST
Nikos Mavrogiannopoulos
nmav at gnutls.org
Sat Sep 20 13:12:22 CEST 2008
Simon Josefsson wrote:
>> // . . .
>>
>> if (resarr && resarr_len && *resarr_len > params.params_nr)
>> ===========
>>
>> Looks like *resarr_len points to uninitialized memory at this
>> point. gnutls_x509_privkey_generate() never initialized params_len, as
>> far as I can tell.
>
> Thanks for analysis, I guess it broke during the crypto.h conversion.
> How about this patch?
>
> diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
> index 82408c6..e5e6de3 100644
> --- a/lib/x509/privkey.c
> +++ b/lib/x509/privkey.c
> @@ -1316,7 +1316,7 @@ gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
> unsigned int flags)
> {
> int ret;
> - unsigned int params_len;
> + unsigned int params_len = MAX_PRIV_PARAMS_SIZE;
> unsigned int i;
>
> if (key == NULL)
>
> Nikos, do you think this is correct?
Yes, indeed!
regards,
Nikos
More information about the Gnutls-devel
mailing list