[gnutls-devel] GnuTLS | Two integer overflows in priority.c (#679)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Wed Jan 23 14:56:17 CET 2019
> So we can easily do the REMOVE_TLS13_IN_LOOP outside the main loop.
That would require 2-path iterations over the array, no? The current logic is something like:
```
for i in 0...n {
if entries[i] is NULL, SRP, or PSK {
// REMOVE_TLS13_IN_LOOP
if entries[i] is TLS 1.3 {
entries[i...n] <- entries[i+1...n] // (*)
retry the loop from i
}
}
...
}
```
I don't see anything wrong here, though it might be a little cleaner if (*) is rewritten using memmove, and `REMOVE_TLS13_IN_LOOP` doesn't take `i` as the argument.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/679#note_134149897
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190123/57a25d91/attachment.html>
More information about the Gnutls-devel
mailing list