[gnutls-devel] GnuTLS | Fix coverity in lib/ (!1092)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Oct 14 20:11:36 CEST 2019




Nikos Mavrogiannopoulos started a new discussion on lib/str.c: https://gitlab.com/gnutls/gnutls/merge_requests/1092#note_230218330

>  	gnutls_datum_t tdata;
>  
>  	_gnutls_buffer_pop_datum(str, &tdata, req_size);
> -	if (tdata.data == NULL || tdata.size != req_size) {
> +	if (tdata.data == NULL || tdata.size > req_size) {

Hmmm, that is tricky. This function has no way to return the size of the data, nor it is expected to. It is all or nothing, so the existing limitation seems reasonable.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/1092#note_230218330
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20191014/b2d16161/attachment.html>


More information about the Gnutls-devel mailing list