11 Feb
2022
11 Feb
'22
2:35 p.m.
On 2/11/22 13:29, Jiri Denemark wrote:
If 1024 was not enough to fit the DN, gnutls_x509_crt_get_dn would store the required size in subjectlen. And since we're not checking the return value of this function, we would happily overwrite some random memory.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com> ---
Notes: Version 2: - do not pass NULL to the first gnutls_x509_crt_get_dn call
src/qemu/qemu_migration_cookie.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-)
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Michal