[gnutls-devel] GnuTLS | Two integer overflows in priority.c (#679)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Jan 23 13:52:59 CET 2019


> REMOVE_TLS13_IN_LOOP always 'continues' (jumps to the main loop) when vers->tls13_sem is set. That means that the following code

In [that part of the code](https://gitlab.com/gnutls/gnutls/blob/master/lib/priority.c#L1266), the invocation of `REMOVE_TLS13_IN_LOOP` macro is guarded with `have_null || have_srp || have_rsa_psk`, so it's not 'always' and should work as described in [the comment](https://gitlab.com/gnutls/gnutls/blob/master/lib/priority.c#L1263), as far as I understand it.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/679#note_134127824
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190123/ec35201f/attachment.html>


More information about the Gnutls-devel mailing list