[PATCH 1/2] Don't read past the last list entry in _add_priority, doing so adds algorithms that shouldn't be added and can even lead to a segfault.
Tim Kosse
tim.kosse at filezilla-project.org
Thu Nov 15 19:57:01 CET 2012
---
lib/gnutls_priority.c | 15 ++++++++-------
1 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index b6649ca..03ef83b 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -89,11 +89,11 @@ _set_priority (priority_st * st, const int *list)
inline static void
_add_priority (priority_st * st, const int *list)
{
- int num = 0, i, j, init;
+ int num, i, j, init;
init = i = st->algorithms;
- while (list[num] != 0)
+ for (num=0;list[num]!=0;++num)
{
if (i+1 > MAX_ALGOS)
{
@@ -104,14 +104,15 @@ _add_priority (priority_st * st, const int *list)
{
if (st->priority[j] == (unsigned)list[num])
{
- num++;
- continue;
+ break;
}
}
- st->priority[i++] = list[num];
- st->algorithms++;
- num++;
+ if (j == init)
+ {
+ st->priority[i++] = list[num];
+ st->algorithms++;
+ }
}
return;
--
1.7.2.5
More information about the Gnutls-devel
mailing list