2.5.7 gnutls_x509_privkey_generate() returns GNUTLS_E_INVALID_REQUEST
Simon Josefsson
simon at josefsson.org
Thu Sep 25 11:45:13 CEST 2008
"Nikos Mavrogiannopoulos" <nmav at gnutls.org> writes:
> I don't like mallocs for short sized buffers I think it is better to
> use a fixed buffer that will have maximum size enough to hold data.
I agree. Some of the buffers in gnutls_constate.c and gnutls_mpi.c are
arbitrary sized though, but have natural upper limits. Maybe you could
re-apply your patch without using C99 but instead using some CPP define
that holds the largest possible value? The gnutls_mpi.c code could
probably use a cut-off, if users request a random mpi larger than, say,
16k bits, then use gnutls_secure_malloc.
Thanks,
/Simon
More information about the Gnutls-devel
mailing list