On Sat, Dec 09, 2017 at 09:23:13AM +0100, Sebastien Marie wrote:
>
> but I am unsure with nc(1) works sometimes...
>
replying to myself...
because inside nc(1), it uses an uninitialized stack value in such cases...
150 main(int argc, char *argv[])
151 {
...
164 uint32_t protocols;
...
499 if (tls_config_parse_protocols(&protocols,
tls_protocols) == -1)
500 errx(1, "invalid TLS protocols `%s'",
tls_protocols);
501 if (tls_config_set_protocols(tls_cfg, protocols) == -1)
502 errx(1, "%s", tls_config_error(tls_cfg));
with current code in libtls, tls_config_parse_protocols() returns
something that it isn't -1, so protocols is still uninitialized and
tls_config_set_protocols() just use the uninitialized value...
--
Sebastien Marie
