[gnutls-dev] Re: Variant of Bleichenbacher's crypto 06 rump session attack

Andreas Metzler ametzler at downhill.at.eu.org
Mon Sep 11 20:08:24 CEST 2006

On 2006-09-11 Simon Josefsson <jas at extundo.com> wrote:
> Andreas Metzler <ametzler at downhill.at.eu.org> writes:
>> On 2006-09-08 Simon Josefsson <jas at extundo.com> wrote:
>> [...]
>>> The patch that fixes this is for lib/x509/verify.c, see below.
>> [...]
>>> --- /cvs/gnutls/gnutls/lib/x509/verify.c	2005/11/07 23:28:02	1.52
>>> +++ /cvs/gnutls/gnutls/lib/x509/verify.c	2006/09/08 13:38:55
>>> +  len = sizeof (str) - 1;
>>> +  result = asn1_read_value (dinfo, "digestAlgorithm.parameters", NULL, &len);
>> The asn1_read_value() segfaults under certain conditions (libtasn1-3
>> 0.3.5).
>> I have been able to reproduce the segfault

> Can you reproduce it in gnutls 1.4.x?

I have now been able to reproduce this after building gnutls13,
libgcrypt11 and mutt on my worksystem. (Still no idea why it did not
crash in my Debian/unstable chroot.)

> Could you debug this and find
> out exactly what instruction is crashing?

If I single step though it after
result = asn1_read_value (dinfo, "digestAlgorithm.parameters", NULL, &len)
strange things happen. - Once the function is entered the second
argument (digestAlgorithm.parameters) seems to be corrupted.

PUT_VALUE (value, value_size, node->value + len3, len2);
is the actual crashing command.

> Perhaps your gnutls 1.0.16
> was built with the internal (and _old_) version of libtasn1?

as noted above now I've reproduced it with gnutls 1.4.3 and its
included libtasn.

> If you change the line into:

>   result = asn1_read_value (dinfo, "digestAlgorithm.parameters", digest, &len);

> does it work?

Yes, this makes it unreproducible for me (with gnutls 1.4.3).

thanks, cu andreas
The 'Galactic Cleaning' policy undertaken by Emperor Zhark is a personal
vision of the emperor's, and its inclusion in this work does not constitute
tacit approval by the author or the publisher for any such projects,
howsoever undertaken.                                (c) Jasper Ffforde

More information about the Gnutls-devel mailing list