diff options
author | Alban Crequy <alban.crequy@collabora.co.uk> | 2011-11-07 18:51:27 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-11-07 21:31:14 +0100 |
commit | 190cef6eed37d0e73a73c1e205eb31d45ab60a3c (patch) | |
tree | f51d77bbe853d4cc363264fe6a5b23113588c4ce | |
parent | c6b1847aff211db23cb1f12e8c55ce6055943750 (diff) | |
download | gnutls-190cef6eed37d0e73a73c1e205eb31d45ab60a3c.tar.gz |
gnutls_session_get_data: fix possible buffer overflow
The test to avoid the buffer overflow was always false because
session_data_size was set at the wrong place. This problem has been introduced
by this commit:
|commit ad4ed44c65e753e6d3a00104c049dd81826ccbf3
|Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|Date: Mon Nov 7 22:24:48 2005 +0000
|
| This is the initial commit in the 1.3 branch. Ported from the PSK branch:
| * PSK ciphersuites have been added.
| * The session resumption data are now system independent.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r-- | lib/gnutls_session.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/gnutls_session.c b/lib/gnutls_session.c index 8028d5a4f8..418a2ba16e 100644 --- a/lib/gnutls_session.c +++ b/lib/gnutls_session.c @@ -63,13 +63,13 @@ gnutls_session_get_data (gnutls_session_t session, gnutls_assert (); return ret; } - *session_data_size = psession.size; if (psession.size > *session_data_size) { ret = GNUTLS_E_SHORT_MEMORY_BUFFER; goto error; } + *session_data_size = psession.size; if (session_data != NULL) memcpy (session_data, psession.data, psession.size); |