[gnutls-devel] GnuTLS | Add positive value check for preventing NULL Pointer Dereference (#1759)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Nov 4 17:00:19 CET 2025
7erry created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1759
## [CVE-2021-4209](https://nvd.nist.gov/vuln/detail/CVE-2021-4209)
`wrap_nettle_hash_fast` in `lib/nettle/mac.c` once caused NULL Pointer Dereference reported as CVE-2021-4209 and was fixed in Commit 3db3527
## Similar issues
Each of the following functions contains a similar logic
- `wrap_aarch64_hmac_fast` in `lib/accelerated/aarch64/hmac-sha-aarch64.c`
- `wrap_aarch64_hash_fast` in `lib/accelerated/aarch64/sha-aarch64.c`
- `wrap_x86_hmac_fast` in `lib/accelerated/x86/hmac-x86-ssse3.c`
- `wrap_x86_hash_fast` in `lib/accelerated/x86/sha-x86-ssse3.c`
- `wrap_nettle_mac_fast` in `lib/nettle/mac.c`
Would it make sense to fix them in the same way Commit 3db3527 did?
Thank you for spending your time reading this issue. Apologies if I missed anything.``
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1759
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20251104/fbbc9e16/attachment-0001.html>
More information about the Gnutls-devel
mailing list