[Pkg-gnutls-maint] Bug#478191: Bug#478191: /usr/bin/gnutls-cli: Fatal error: Internal error in memory allocation.

[Simon Josefsson]

Marc Haber <mh+debian-bugs at zugschlus.de> writes:

> just another exim4 issue which - this time - uncovered an issue in
> gnutls-cli and libgnutls. When connecting to mail.campbell-lange.net,
> GnuTLS clients crash during TLS handshake. This happens with exim, but
> also with gnutls-cli (both from current unstable, but both crashes
> also occur with etch clients). The server is running Debian lenny.
>
> Here is the output of gnutls-cli on current sid:
> $ gnutls-cli -s -p 25 mail.campbell-lange.net
> Resolving 'mail.campbell-lange.net'...
> Connecting to '217.147.82.36:25'...

Ah, thanks, I didn't notice the hostname before.  Ok, this seems to be
the same problem as Marc F. Clemente's report in #466477 (which seems
unrelated to the original problem in that bug..).  It isn't a crash (as
in segfault) in the library, only in gnutls-cli -- and the patch
provided in that bug report solves the crash.  Exim should have received
the internal error in memory allocation code.

However, the real cause here are the excessively large set of known CAs
that the server sends.  GnuTLS probably can't handle the size here.

The error message is probably slightly incorrect, it is probably running
into a fixed size memory size limit.

I'll see if I can debug this further.

/Simon