#41 Memory leak during second SSL handshake

open
decryption (15)
5
2007-01-04
2007-01-04
dimrub
No

Some web servers (notoriously, IIS) tend to perform a 'double handshake' (aka 'step up protocol'). It causes the key material of the first handshake to be overwritten by the key material of the second handshake, and thus never released. Here's the patch that fixes this:

*** ssldecode.c 2002-08-17 04:33:17.000000000 +0300
--- ssldecode.c.new 2007-01-04 11:44:17.000000000 +0200
***************
*** 307,317 ****
--- 307,323 ----
{
#ifdef OPENSSL
if(direction==DIR_I2R){
+ if (d->c_to_s) {
+ ssl_destroy_rec_decoder(&d->c_to_s);
+ }
d->c_to_s=d->c_to_s_n;
d->c_to_s_n=0;
if(d->c_to_s) ssl->process_ciphertext |= direction;
}
else{
+ if (d->s_to_c) {
+ ssl_destroy_rec_decoder(&d->s_to_c);
+ }
d->s_to_c=d->s_to_c_n;
d->s_to_c_n=0;
if(d->s_to_c) ssl->process_ciphertext |= direction;
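
Review bot: the destroy added before `d->c_to_s=d->c_to_s_n;` (and its twin before `d->s_to_c=d->s_to_c_n;`) also runs when the pending decoder `d->c_to_s_n` or `d->s_to_c_n` is 0, so the active decoder is freed and replaced by a null pointer. That matches the old overwrite, but a one-line comment saying it is intended would help. Please also confirm that nothing else still holds the old `d->c_to_s` or `d->s_to_c` pointer once it is freed, since a stale reference would turn the leak into a use-after-free. The two added blocks differ only in the field name and could share a small helper, and they use `if (` where the surrounding code uses `if(`.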

Discussion

  • dimrub

    dimrub - 2007-01-04
     
  • dimrub

    dimrub - 2007-01-04

    Logged In: YES
    user_id=1468321
    Originator: YES

    In order to avoid problems with white spaces, I am attaching the patch below.

    File Added: patch

     
