[gnutls-devel] GnuTLS | Two integer overflows in priority.c (#679)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Jan 23 15:01:10 CET 2019


That looks like a N^2 behavior.

What about
```
if (have_null || have_srp || have_rsa_psk) {
  for (i = j = 0; i < priority_cache->protocol.num_priorities; i++) {
    vers = version_to_entry(priority_cache->protocol.priorities[i]);
    if (!vers || !vers->tls13_sem)
      priority_cache->protocol.priorities[j++] = priority_cache->protocol.priorities[i];
  }
}
priority_cache->protocol.num_priorities = j;
```

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/679#note_134151619
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190123/9e0ef772/attachment.html>


More information about the Gnutls-devel mailing list