...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
CERT vulnerability 720951 describes a vulnerability in OpenSSL versions 1.0.1 through 1.0.1f, popularly known as "Heartbleed". This vulnerability allows a malicious packet fed to a server using OpenSSL to trick that server into returning up to 64 kilobytes of its internal memory. This memory can contain sensitive information, including cryptographic keys, usernames and passwords.
The vulnerable code appears below:
Code Block | ||||
---|---|---|---|---|
| ||||
int
dtls1_process_heartbeat(SSL *s)
{
unsigned char *p = &s->s3->rrec.data[0], *pl;
unsigned short hbtype;
unsigned int payload;
unsigned int padding = 16; /* Use minimum padding */
/* Read type and payload length first */
hbtype = *p++;
n2s(p, payload);
pl = p;
// ...
if (hbtype == TLS1_HB_REQUEST)
{
unsigned char *buffer, *bp;
int r;
/* Allocate memory for the response, size is 1 byte
* message type, plus 2 bytes payload length, plus
* payload, plus padding
*/
buffer = OPENSSL_malloc(1 + 2 + payload + padding);
bp = buffer;
/* Enter response type, length and copy payload */
*bp++ = TLS1_HB_RESPONSE;
s2n(payload, bp);
memcpy(bp, pl, payload);
|
This code processes a 'heartbeat' packet from a client. The p
pointer, along with payload
and p1
contain data from this packet. The code allocates a buffer
sufficient to contain payload
bytes, with some overhead, and copies payload
bytes starting at p1
into this buffer, and sends it to the client. Notably absent are any checks that payload
actually indicates the correct size of the memory. Because an attacker can specify an arbitrary value for payload
, she can cause this routine to read and return memory beyond the block allocated to p
.
Related Guidelines
CERT C++ Secure Coding Standard | INT04-CPP. Enforce limits on integer values originating from untrusted sources |
ISO/IEC TS 17961 | Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink [taintsink] |
...