[gnutls-devel] GnuTLS | Fix uninitialized warning in pkcs11.c (2063c619)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Wed Jan 30 15:40:15 CET 2019
Tim Rühsen commented on a discussion on lib/pkcs11.c:
>
> - if (temp_str)
> - len = strlen(temp_str);
> - else if (str_max == 0)
> - len = 0;
> - else
> - len = p11_kit_space_strlen(str, str_max);
> -
> - if (len + 1 > *output_size) {
> + if (len < *output_size) {
> + if (len)
> + memcpy(output, str, len);
> + ((char *) output)[len] = '\0';
> + *output_size = len;
> + ret = 0;
> + } else {
I see. But we currently don't have a test that we can easily extend. The function is called during the tests only indirectly from p11tool. IMO we should have a fuzzer for the gnutls_pkcs11 API. But that is definitely a different issue.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/commit/2063c6193af6653175e6bc073babea607e5b0ff4#note_136602212
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190130/2e76e87d/attachment.html>
More information about the Gnutls-devel
mailing list