Wireshark-bugs: [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
Date: Fri, 06 Dec 2013 14:54:56 +0000

changed bug 9512

What Removed Added
Status UNCONFIRMED CONFIRMED
CC   lekensteyn@gmail.com
Ever confirmed   1

Comment # 7 on bug 9512 from
(In reply to comment #6)
> Created attachment 12243 [details]
> Fix invalid read and correct PSK upper bound
> 
> I could not reproduce the crash mentioned before, but the patch from comment
> 2 fixes a valid bug.
> 
> While running valgrind, I found another bug, fixed by the attached patch.
> There is still a valgrind warning which probably results in another patch
> later this day.

The PSK stuff can get some rework. It remains almost untouched for the most
part since its introduction in:

commit 839680277328bf6b96d17971d483066fdfc41462
Author: Anders Broman <anders.broman@ericsson.com>
Date:   Thu Jun 24 06:01:11 2010 +0000

    From "wiresharkbugzilla@jdkbx.cjb.net":
    Support for RFC4279 Pre-Shared Key Ciphersuites for Transport Layer
Security (TLS)
    https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4853

    svn path=/trunk/; revision=33309

I have no idea why the SslDecryptSession contains a "psk" that is overwritten
every time. One improvement that could be made is to avoid the conversion from
hex to bytes every time.

Another improvement is to allow multiple PSK, similar to the SSL dissector
accepting multiple premaster secrets and private keys. I do not need such
functionality, so I leave it to someone else who needs it.

The previous patch was based on your other patches from bug 9499 and the
overflow fix above. My history (based on master rv53703) is:

c4b3027 dtls: set ssl_set_server()
f873517 SSL: add decrypt support for CCM and CCM_8 Ciphers
5fdccf8 dtls: add psk decrypt support
9626d1d dlts: add cipher version for OpenSSL pre 0.9.8f
baa906a dtls: fix buffer overflow in mac check
9c6dcc8 ssl-utils: Fix invalid read and psk upper bound


You are receiving this mail because:
  • You are watching all bug changes.