[gnutls-devel] [sr #108224] Segmentation fault when /dev/urandom is unavailable.
Joshua Phillips
INVALID.NOREPLY at gnu.org
Mon Jan 7 17:21:13 CET 2013
URL:
<http://savannah.gnu.org/support/?108224>
Summary: Segmentation fault when /dev/urandom is unavailable.
Project: GnuTLS
Submitted by: xlq
Submitted on: Mon 07 Jan 2013 04:21:12 PM GMT
Category: Core library
Priority: 5 - Normal
Severity: 2 - Minor
Status: None
Privacy: Public
Assigned to: None
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Operating System: None
_______________________________________________________
Details:
In lib/nettle/egd.c, find_egd_name returns NULL on failure. This is passed
directly to strlen in _rndegd_connect_socket, causing a segmentation fault if
neither /dev/urandom nor EGD are available.
The attached untested patch checks the pointer returned from find_egd_name.
_______________________________________________________
File Attachments:
-------------------------------------------------------
Date: Mon 07 Jan 2013 04:21:12 PM GMT Name: egd-crash.diff Size: 432B By:
xlq
<http://savannah.gnu.org/support/download.php?file_id=27217>
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?108224>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
More information about the Gnutls-devel
mailing list