On 2012-11-12 "Дёмин К.А." <rockdri...@gmail.com> wrote: > I've seen fresh libgnutls26-2.12.21-3 and it's sources, but Matthieu's > patch isn't in "debian/patches" nor in "lib/x509/privkey_pkcs8.c". [...]
Hello, does the attached patch (same solution as in gnutls28) work for you? cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure'
Description: Prevent segfault on strlen(NULL) already fixed in GnuTLS 3 at 95a922c2a8b75e6eddbcc688c0d719d0b07ee395 Bug-Debian: http://bugs.debian.org/647747 Last-Update: 2012-11-12 --- gnutls26-2.12.20.orig/lib/x509/privkey_pkcs8.c +++ gnutls26-2.12.20/lib/x509/privkey_pkcs8.c @@ -1577,8 +1577,12 @@ decrypt_data (schema_id schema, ASN1_TYP cipher_hd_st ch; int ch_init = 0; int key_size; + unsigned int password_lenght=0; data_size = 0; + if (password) { + password_lenght = strlen(password); + } result = asn1_read_value (pkcs8_asn, root, NULL, &data_size); if (result != ASN1_MEM_ERROR) { @@ -1625,7 +1629,7 @@ decrypt_data (schema_id schema, ASN1_TYP case PBES2_AES_192: case PBES2_AES_256: - result = _gnutls_pbkdf2_sha1 (password, strlen (password), + result = _gnutls_pbkdf2_sha1 (password, password_lenght, kdf_params->salt, kdf_params->salt_size, kdf_params->iter_count, key, key_size); @@ -1881,6 +1885,11 @@ generate_key (schema_id schema, { opaque rnd[2]; int ret; + unsigned int password_lenght=0; + + if (password) { + password_lenght = strlen(password); + } ret = _gnutls_rnd (GNUTLS_RND_RANDOM, rnd, 2); if (ret < 0) @@ -1955,7 +1964,7 @@ generate_key (schema_id schema, case PBES2_AES_192: case PBES2_AES_256: - ret = _gnutls_pbkdf2_sha1 (password, strlen (password), + ret = _gnutls_pbkdf2_sha1 (password, password_lenght, kdf_params->salt, kdf_params->salt_size, kdf_params->iter_count, key->data, kdf_params->key_size);
