Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
nds_gtls: fix regression that could lead to attack (never released ve…
…rsion) Commit 7589f42 introduced support for loading certificate chains. Unfortunatley the max number of permitted certificates was miscalculated and so a certificate chain with more than 10 certificates could lead to a buffer overrun. This patch corrects this. Note that the commit was merged just yesterday and there was no release with the affected code. Also, this commit adds GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED to ensure the certificate export will fail with an error message if the certificate list contains too many certificates. Thx to Arne Nordmark for suggesting that option.
- Loading branch information