[gnutls-devel] GnuTLS | gnutls_buffer_append_data: avoid use-after-free in the callers (!1399)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Tue Mar 9 16:47:02 CET 2021




Anderson Sasaki started a new discussion on lib/str.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1399#note_525345767

>  	if (unlikely(dest->data != NULL && dest->allocd == NULL))
>  		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
>  
> +	/* When running under valgrind, use a simpler logic for reallocation;
> +	 * i.e., always call gnutls_realloc_fast() and do not reclaim the
> +	 * no-longer-used area which has been removed from the beginning of
> +	 * buffer with _gnutls_buffer_pop_datum().
> +	 */
> +#ifdef HAVE_VALGRIND_MEMCHECK_H

The idea here is to always trigger the reallocation even when it wouldn't be necessary, right?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1399#note_525345767
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210309/2da8fabc/attachment-0001.html>


More information about the Gnutls-devel mailing list