
Re: [opensuse-security] Patched, but still vulnerable



On Fri, Apr 11, 2014 at 08:18:55AM -0400, James Rome wrote:
> I have applied all patches to my OpenSUSE 13.1 server and restarted
> Apache, but https://www.ssllabs.com/ssltest/analyze.html says I am still
> vulnerable to heartbleed. What else must I do?

Looking at the current git code checkout of openssl,
right where it has been reviewed and patched for this heartbleed thing,
we see unchecked malloc... code like this:

 buf = OPENSSL_malloc(1 + 2 + payload + padding);
 p = buf;
 *p++ = TLS1_HB_REQUEST;

Just wondering ...
I mean, that code has just been reviewed, those very lines have been
patched, and there is still a potential (however unlikely) NULL pointer
deref inside the lib code?

if (!buffer)
	/* ignore */ ...

Seems like the obvious choice...

Cheers,

	Lars Ellenberg
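
Added example, not part of the original message and not OpenSSL code: a heartbeat request builder that checks the allocation before the first write, which is the check the message above says is missing. The names hb_build_request, alloc_fn, failing_alloc, HB_REQUEST and HB_HEADER are assumptions made for this sketch, and the allocator is passed in so that a failed allocation can be simulated.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HB_REQUEST 1   /* stand-in for TLS1_HB_REQUEST */
#define HB_HEADER  3   /* 1 type byte + 2 length bytes */

typedef void *(*alloc_fn)(size_t);   /* hypothetical hook, not an OpenSSL type */

/* Allocator that always fails, to exercise the error path. */
static void *failing_alloc(size_t n) { (void)n; return NULL; }

/* Build type | 16-bit length | payload | padding.
 * Returns 0 and sets *out and *out_len on success, -1 on any failure. */
static int hb_build_request(alloc_fn alloc, const unsigned char *payload,
                            size_t payload_len, size_t padding,
                            unsigned char **out, size_t *out_len)
{
    unsigned char *buf, *p;

    *out = NULL;
    *out_len = 0;
    /* The length field is 16 bits, and the size sum must not wrap. */
    if (payload_len > UINT16_MAX || padding > SIZE_MAX - HB_HEADER - payload_len)
        return -1;

    buf = alloc(HB_HEADER + payload_len + padding);
    if (buf == NULL)   /* checked before the first write through the pointer */
        return -1;

    p = buf;
    *p++ = HB_REQUEST;
    *p++ = (unsigned char)(payload_len >> 8);
    *p++ = (unsigned char)(payload_len & 0xff);
    if (payload_len)
        memcpy(p, payload, payload_len);
    /* RFC 6520 calls for random padding; zeros keep this sketch deterministic. */
    memset(p + payload_len, 0, padding);

    *out = buf;
    *out_len = HB_HEADER + payload_len + padding;
    return 0;
}

int main(void)
{
    unsigned char *msg; size_t len;
    printf("%d\n", hb_build_request(failing_alloc, (const unsigned char *)"abc", 3, 16, &msg, &len));
    return 0;
}
```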
