Hi again,
Narrowed it down a bit.
Server's SSL context must be one of TLSv1_xxx types, SSLvX_yyy are not
vulnerable.
regards,
alex
> -----Original Message-----
> From: Alex Pankratov
> Sent: April 5, 2002 15:20
> To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
> Subject: Bug in ssl3_read_bytes()
>
>
> Hi there,
>
> the following problem is present in 0.9.6 and 0.9.6c.
>
> It is possible to put server code into the internal infinite
> loop in ssl3_read_bytes() by sending the following data from
> the client right after establishing TCP connection:
>
> 01 03 01 00 01 00
>
> i.e. the record with type 1, version TLSv1, size 1 and dummy payload.
>
> Calling stack will look like this:
> SSL_accept()
> ssl3_accept()
> ssl3_get_client_hello()
> ssl3_get_message()
> ssl3_read_bytes()
>
> The problem is in the code that was supposed to ignore unknown TLS
> message types:
>
> switch (rr->type)
> {
> default:
> #ifndef NO_TLS
> /* TLS just ignores unknown message types */
> if (s->version == TLS1_VERSION)
> {
> goto start;
> }
> #endif
> ...
>
> The code passes control back to start without resetting 'rr' length,
> thus causing code not to ignore the record and process next one, but
> rather process current one *again*. This yeilds an infinite loop.
>
> From the first glance, the fix is to add
>
> rr->length = 0;
>
> right before 'goto start;' line from above. This may leak a memory
> though if 'rr' requires explicit disposition via function call.
>
> I am not subscribed to any openssl maillists, so please reply
> privately
> if needed.
>
> regards,
> alex.
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
