On Sat, Dec 09, 2017 at 09:23:13AM +0100, Sebastien Marie wrote: > > but I am unsure with nc(1) works sometimes... >
replying to myself... because inside nc(1), it uses an uninitialized stack value in such cases... 150 main(int argc, char *argv[]) 151 { ... 164 uint32_t protocols; ... 499 if (tls_config_parse_protocols(&protocols, tls_protocols) == -1) 500 errx(1, "invalid TLS protocols `%s'", tls_protocols); 501 if (tls_config_set_protocols(tls_cfg, protocols) == -1) 502 errx(1, "%s", tls_config_error(tls_cfg)); with current code in libtls, tls_config_parse_protocols() returns something that it isn't -1, so protocols is still uninitialized and tls_config_set_protocols() just use the uninitialized value... -- Sebastien Marie