author | Ludovic Courtès <ludo@chbouib.org> | 2007-06-13 19:41:57 +0200 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2007-06-14 09:05:16 +0200 |
commit | d2c3f9c514ae1252d4f0e9f3a143c6aa360902db (patch) | |
tree | 44eebefd7fa7f576c97441b21d9830bba086a235 | |
parent | 937885f613a5dc4ef88a29f0070d3bc1ef752cc5 (diff) | |
download | gnutls-d2c3f9c514ae1252d4f0e9f3a143c6aa360902db.tar.gz |

Fix off-by-one in TLS 1.2 handshake.

* lib/auth_cert.c (_gnutls_gen_cert_server_cert_req): Before invoking
`gnutls_malloc ()', increment SIZE when using TLS 1.2 so that the
allocated buffer is large-enough to contain the list of supported
hashes. Don't change SIZE later on.

Signed-off-by: Simon Josefsson <simon@josefsson.org>

-rw-r--r-- | lib/auth_cert.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/lib/auth_cert.c b/lib/auth_cert.c index 9114f09cfa..f91c71c4b6 100644 --- a/lib/auth_cert.c +++ b/lib/auth_cert.c @@ -1417,6 +1417,11 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t session, opaque ** data) session->internals.ignore_rdn_sequence == 0) size += cred->x509_rdn_sequence.size; + if (ver == GNUTLS_TLS1_2) + /* Need at least one byte to announce the number of supported hash + functions (see below). */ + size += 1; + (*data) = gnutls_malloc (size); pdata = (*data); @@ -1436,7 +1441,7 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t session, opaque ** data) { /* Supported hashes (nothing for now -- FIXME). */ *pdata = 0; - pdata++, size++; + pdata++; } if (session->security_parameters.cert_type == GNUTLS_CRT_X509 && |
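
Review bot: in the hunk at @@ -1417, the new `if (ver == GNUTLS_TLS1_2)` carries a three-line comment between the condition and its unbraced body `size += 1;`, which makes it easy for a later edit to attach a different statement to the `if`; move the comment above the `if` or brace the body. The extra byte is only correct if this condition is the same one that guards the `*pdata = 0;` write in the second hunk, and that guard is not visible in the diff context, so confirm both tests agree. The comment also says "at least one byte" while the code reserves exactly one; wording it as exactly one byte for the hash count would match what is allocated.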
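
Review bot: in the hunk at @@ -1436, after `size++` is dropped the write `*pdata = 0; pdata++;` relies entirely on the `size += 1` made before `gnutls_malloc (size)` in the earlier hunk, and the `FIXME` signals that this block will grow once real hash identifiers are emitted. Add a comment here pointing back to the pre-allocation increment so both places are updated together, and consider a check before the function returns that the bytes written (`pdata - *data`) equal `size`, so a future mismatch fails loudly instead of writing past the end of the buffer.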