On Wed, Apr 09, 2014 at 09:59:59PM -0400, Peter Malone wrote: > Unless I'm mistaken, the following memcmp is vulnerable to a remote > timing attack. > https://github.com/openssl/openssl/blob/master/ssl/ssl_lib.c#L1974 > static int ssl_session_cmp(const SSL_SESSION *a,const SSL_SESSION *b) > { > if (a->ssl_version != b->ssl_version) > return(1); > if (a->session_id_length != b->session_id_length) > return(1); > return(memcmp(a->session_id,b->session_id,a->session_id_length)); > }
Not used anywhere though, just a corpse lying around in the code.
signature.asc
Description: Digital signature
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
