Bug#939526: buster-pu: package inn2/2.6.3-1~deb10u1

To: Marco d'Itri <md@linux.it>, 939526@bugs.debian.org
Subject: Bug#939526: buster-pu: package inn2/2.6.3-1~deb10u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Tue, 17 Sep 2019 12:25:28 +0100
Message-id: <[🔎] 61d58f67d692c03a70ddfbbc58837d5a@mail.adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 939526@bugs.debian.org
In-reply-to: <[🔎] 20190905214158.GA20784@bongo.bofh.it>
References: <[🔎] 20190905214158.GA20784@bongo.bofh.it> <[🔎] 20190905214158.GA20784@bongo.bofh.it>

Control: tags -1 + moreinfo

On 2019-09-05 22:41, Marco d'Itri wrote:
[...]

++    switch(level)
++    {
++        case 0: /* Everything is permitted. */
++        case 1: /* DH keys shorter than 1024 bits are prohibited. */
++        case 2: /* DH keys shorter than 2048 bits are prohibited. */
++            if (ffdhe2048 == NULL) {
++                ffdhe2048 = load_dh_buffer(file_ffdhe2048,
++                                           sizeof(file_ffdhe2048));
++                r = ffdhe2048;
++            }
++            break;

[etc]

++    return r;

Shouldn't the assignment to "r" be outside of the conditional?Otherwise, if ffdheX has previously been initialised, the function willreturn NULL rather than the previously loaded buffer.


Regards,

Adam

Reply to:

Follow-Ups:
- Bug#939526: buster-pu: package inn2/2.6.3-1~deb10u1
  - From: Marco d'Itri <md@linux.it>

References:
- Bug#939526: buster-pu: package inn2/2.6.3-1~deb10u1
  - From: Marco d'Itri <md@linux.it>

Prev by Date: Processed: tagging 939738
Next by Date: Processed: Re: Bug#939526: buster-pu: package inn2/2.6.3-1~deb10u1
Previous by thread: Bug#939526: buster-pu: package inn2/2.6.3-1~deb10u1
Next by thread: Bug#939526: buster-pu: package inn2/2.6.3-1~deb10u1
Index(es):
- Date
- Thread