[gnutls-devel] GnuTLS | Null Pointer Dereference in x86 HMAC Fast Backend via `gnutls_hmac_fast()` (#1898)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Fri Jun 5 01:58:38 CEST 2026
Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/work_items/1898#note_3424215749
> `gnutls_hmac_fast(GNUTLS_MAC_SHA1, NULL, 16, text, sizeof(text), digest);`
This is an API mis-use, which is out of scope of our threat model: https://gitlab.com/gnutls/gnutls/-/blob/master/SECURITY.md?ref_type=heads#threat-model
If we were to address it, that would be adding an `assert` to be clear that it is a programming error of the application.
Please stop reporting issues in this class of problems.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/work_items/1898#note_3424215749
You're receiving this email because of your account on gitlab.com. Unsubscribe from this thread: https://gitlab.com/-/sent_notifications/5-92ga6aqmocjve8t5u5l9e1bwf-a84t7/unsubscribe | Manage all notifications: https://gitlab.com/-/profile/notifications | Help: https://gitlab.com/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20260604/5dd56a91/attachment.html>
More information about the Gnutls-devel
mailing list