Bug in gnutls breaking Pidgin Jabber support

Tim Kosse tim.kosse at filezilla-project.org
Mon Jun 29 10:01:07 CEST 2009


Hi,

Found the problem. It happens if _gnutls_io_write_buffered gets called with
iptr == NULL and n < session->internals.record_send_buffer.length.

It then gets up to n bytes from the send buffer into ptr. At that point
session->internals.record_send_buffer still contains additional
outstanding data.

If sending fails, it pushes the remaining data from ptr to the end of
the send buffer, causing the buffer contents to become reordered.
Instead it should have put it to the beginning. A gnutls_buffer_prepend
function would be needed.

A workaround is to always request the complete buffer, see attached
patch. That's identical to the behavior of older GnuTLS versions.

Tim

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: gnutls_buffers.patch
URL: </pipermail/attachments/20090629/7cde0115/attachment.asc>
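
The reordering described in the message above, reproduced on a toy queue. This is an added example, not code from the message, the attached patch, or GnuTLS: `struct sendbuf`, `buf_append`, `buf_prepend`, `buf_take` and `failed_flush` are hypothetical names, and the model assumes the send fails before any byte is written.

```c
#include <stdio.h>
#include <string.h>

#define CAP 64

/* Toy model of a pending-send queue (hypothetical; not GnuTLS's buffer type). */
struct sendbuf { char data[CAP]; size_t length; };

static void buf_append(struct sendbuf *b, const char *p, size_t n) {
    memcpy(b->data + b->length, p, n);
    b->length += n;
}

static void buf_prepend(struct sendbuf *b, const char *p, size_t n) {
    memmove(b->data + n, b->data, b->length);   /* shift queued bytes back */
    memcpy(b->data, p, n);                      /* unsent bytes go first */
    b->length += n;
}

/* Remove up to n bytes from the front of the queue into out. */
static size_t buf_take(struct sendbuf *b, char *out, size_t n) {
    if (n > b->length) n = b->length;
    memcpy(out, b->data, n);
    memmove(b->data, b->data + n, b->length - n);
    b->length -= n;
    return n;
}

/* One flush attempt that takes only n bytes and whose send then fails.
 * Returns the queue contents after the unsent bytes are put back. */
const char *failed_flush(const char *queued, size_t n, int use_prepend) {
    static char result[CAP + 1];
    struct sendbuf b = { {0}, 0 };
    char tmp[CAP];
    size_t len = strlen(queued);
    if (len > CAP) len = CAP;                   /* keep the toy queue in bounds */
    buf_append(&b, queued, len);
    size_t got = buf_take(&b, tmp, n);          /* n < length leaves data queued */
    if (use_prepend) buf_prepend(&b, tmp, got); /* order preserved */
    else             buf_append(&b, tmp, got);  /* reported behaviour: reordered */
    memcpy(result, b.data, b.length);
    result[b.length] = '\0';
    return result;
}

int main(void) {
    printf("append,  n < length: %s\n", failed_flush("ABCDEFGH", 3, 0));
    printf("prepend, n < length: %s\n", failed_flush("ABCDEFGH", 3, 1));
    printf("append,  n = length: %s\n", failed_flush("ABCDEFGH", 8, 0));
    return 0;
}
```

The third call corresponds to the workaround in the message: when the complete buffer is requested, nothing is left queued, so appending the unsent bytes cannot change their order.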