Re: [tinydtls-dev] There may be some null-dereference bugs in dtls.c

Hello Tuo Li,

Thank you very much, you are correct that this needs to be fixed.

(I am not sure what version you are looking at as the develop HEAD has
slightly different line numbers, though.)

Regards
Olaf

Tuo Li <tuoli96@xxxxxxxxxxx> writes:

> Hello!
>
> In handle_handshake_msg(), the variable peer is checked in:
>
>    if (peer) {
>        dtls_stop_retransmission(ctx, peer);
>    }
>
> This indicates that peer can be NULL.
>
> If so, some null-dereference bugs will occur in handle_handshake_msg().
>
> peer is also checked in line 3436:
>
>    if (peer && !peer->handshake_params)
>
> and it is dereferenced in line 3451:
>
>    peer->state = DTLS_STATE_CLIENTHELLO;
>
> Thanks!
>
> Tuo Li
>
>
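
The pattern reported in this thread, as an added example that is not tinydtls code and not part of either message: a constructed miniature handler whose `peer` pointer is NULL-guarded on two uses but dereferenced unguarded on a third, next to a variant that validates it once before any field access. All `demo_` names and types are hypothetical, and rejecting a missing peer with an error code is an assumed policy, not the project's fix.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins for illustration; not tinydtls definitions. */
typedef enum { DEMO_STATE_INIT, DEMO_STATE_CLIENTHELLO } demo_state_t;
typedef struct { demo_state_t state; void *handshake_params; } demo_peer_t;
#define DEMO_ERR_NO_PEER (-1)
static int demo_params;  /* placeholder object standing in for handshake state */

/* Reported shape: two uses are NULL-guarded, the last one is not.
 * Passing peer == NULL is undefined behaviour, so main() never does. */
static int demo_handle_inconsistent(demo_peer_t *peer, int *stopped)
{
    if (peer) {
        *stopped = 1;                        /* models the guarded call */
    }
    if (peer && !peer->handshake_params) {
        peer->handshake_params = &demo_params;
    }
    peer->state = DEMO_STATE_CLIENTHELLO;    /* unguarded dereference */
    return 0;
}

/* Guarded form: validate once at the top, then use peer freely. */
static int demo_handle_guarded(demo_peer_t *peer, int *stopped)
{
    if (!peer) {
        return DEMO_ERR_NO_PEER;             /* assumed policy: reject */
    }
    *stopped = 1;
    if (!peer->handshake_params) {
        peer->handshake_params = &demo_params;
    }
    peer->state = DEMO_STATE_CLIENTHELLO;
    return 0;
}

int main(void)
{
    demo_peer_t p = { DEMO_STATE_INIT, NULL };
    int stopped = 0;
    int rc_null = demo_handle_guarded(NULL, &stopped);
    int rc_ok = demo_handle_guarded(&p, &stopped);
    printf("NULL peer -> %d, valid peer -> %d, state=%d\n",
           rc_null, rc_ok, (int)p.state);
    (void)demo_handle_inconsistent;          /* shown for comparison only */
    return 0;
}
```

A guard that appears on some uses of a pointer but not on others in the same function is the inconsistency the report relies on to conclude the pointer can be NULL.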

