[En-Nut-Discussion] Problem with new TLS
Harald Kipp
harald.kipp at egnite.de
Fri Jul 11 15:21:56 CEST 2014
Hi,
the following part of tls1.c:add_cert() looks weird:
while (ssl_ctx->certs[i].buf && i < TLS_SSL_MAX_CERTS)
i++;
if (i == TLS_SSL_MAX_CERTS) /* too many certs */
It first accesses certs[TLS_SSL_MAX_CERTS], which doesn't exist and then
checks, whether this access may have been illegal. Not really the code
quality I'd expect from security sensitive routines. :-(
I didn't figured this out myself. Instead GCC 4.7.4 reported:
../../nut/tls/tls1.c: In function 'add_cert':
../../nut/tls/tls1.c:308:26: error: array subscript is above array
bounds [-Werror=array-bounds]
Regards,
Harald
Btw. I'd consider TLS being a protocol and I'm wondering, why it hasn't
been stored in nut/pro/tls.
More information about the En-Nut-Discussion
mailing list