[gnutls-devel] An (historical) heartbeat.c issue more relevant to Heartbleed
peter.dettman at bouncycastle.org
Sat Apr 12 08:37:58 CEST 2014
I would like to draw the list's attention to this commit of heartbeat.c:

Putting aside the error in setting the message type, let's look at the
_gnutls_write_uint16 call. This call is necessary to correctly set the
HeartbeatMessage.payload_length field, and was apparently an oversight
in the previous commit which migrated from the use of gnutls_buffer_st.
In the absence of the payload_length being set correctly, it actually is
written to from the random data of the payload itself (or perhaps
padding if the payload is short). It seems clear that at least some of
those generated packets will therefore be malformed in the precise
manner associated with the Heartbleed vulnerability.

The previous commit also introduced the ability to disable heartbeats
when building, but AFAICT, they remained enabled by default. At a
cursory analysis, the affected releases are/were: 3.1.7, 3.1.8, 3.1.9,
3.1.10. Those presently scouring their logs for evidence of the
Heartbleed attack in the wild may need to take this into account.

I have not yet confirmed this behaviour with actual builds, and would
welcome corrections on any of the above.
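The following C program is an added illustration of the mechanism the mail describes; it is not code from the mail or from GnuTLS. It models the RFC 6520 HeartbeatMessage layout (type, big-endian payload_length, payload, at least 16 bytes of padding), builds one message with the length write omitted so that the field keeps whatever random payload bytes were already in the buffer, and runs the receiver-side bounds check that a correct peer applies (declared payload_length must fit inside the record with room for the padding). All names (`build_heartbeat`, `heartbeat_length_ok`, `write_uint16_be`, `probe`, `declared_length_of`) are this example's own, and the deterministic filler standing in for random bytes, as well as the 32-byte payload size, are constructed for the demonstration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* RFC 6520 HeartbeatMessage: type(1) | payload_length(2) | payload | padding(>=16) */
#define HB_HDR_LEN     3
#define HB_MIN_PADDING 16

/* Hypothetical stand-in for a big-endian 16-bit writer such as _gnutls_write_uint16. */
static void write_uint16_be(uint16_t v, uint8_t *out)
{
    out[0] = (uint8_t)(v >> 8);
    out[1] = (uint8_t)(v & 0xff);
}

static uint16_t read_uint16_be(const uint8_t *in)
{
    return (uint16_t)((in[0] << 8) | in[1]);
}

/* Constructed, deterministic filler standing in for the random payload/padding bytes.
   Not cryptographic; it only makes the demonstration reproducible. */
static void fill_pseudo_random(uint8_t *buf, size_t len, uint8_t seed)
{
    for (size_t i = 0; i < len; i++)
        buf[i] = (uint8_t)(seed + 37 * i);
}

/* Build a heartbeat message of payload_len payload bytes plus minimum padding.
   When set_length is 0 the payload_length field is never written, so it keeps the
   random bytes already in the buffer: the omission the mail describes.
   Returns the total message length, or 0 if the output buffer is too small. */
static size_t build_heartbeat(uint8_t type, uint16_t payload_len, int set_length,
                              uint8_t *out, size_t out_cap)
{
    size_t total = HB_HDR_LEN + (size_t)payload_len + HB_MIN_PADDING;
    if (total > out_cap)
        return 0;
    fill_pseudo_random(out, total, 0xC1); /* random payload and padding */
    out[0] = type;
    if (set_length)
        write_uint16_be(payload_len, out + 1);
    return total;
}

/* Receiver-side check: the declared payload_length must fit inside the received
   record together with the header and at least 16 bytes of padding. A peer that
   skips this check and copies payload_length bytes back is the Heartbleed bug. */
static int heartbeat_length_ok(const uint8_t *msg, size_t msg_len)
{
    if (msg_len < HB_HDR_LEN + HB_MIN_PADDING)
        return 0;
    uint16_t declared = read_uint16_be(msg + 1);
    return (size_t)declared + HB_HDR_LEN + HB_MIN_PADDING <= msg_len;
}

/* Declared payload_length of a 32-byte-payload heartbeat_request built with or
   without the length write; shows the field holding filler bytes when omitted. */
static unsigned declared_length_of(int set_length)
{
    uint8_t buf[256];
    size_t n = build_heartbeat(1 /* heartbeat_request */, 32, set_length, buf, sizeof buf);
    return n ? read_uint16_be(buf + 1) : 0;
}

/* 1 if a message built with (set_length=1) or without (0) the length write passes
   the receiver check, 0 otherwise. */
static int probe(int set_length)
{
    uint8_t buf[256];
    size_t n = build_heartbeat(1 /* heartbeat_request */, 32, set_length, buf, sizeof buf);
    return n != 0 && heartbeat_length_ok(buf, n);
}

int main(void)
{
    printf("length written:  declared=%u  accepted=%d\n", declared_length_of(1), probe(1));
    printf("length omitted:  declared=%u  accepted=%d\n", declared_length_of(0), probe(0));
    return 0;
}
```

With the length written, the 51-byte message declares 32 payload bytes and passes; with it omitted, the field reads back the two filler bytes as 58891, far larger than the record, which is exactly the "payload_length exceeds the record" shape a Heartbleed-era detection rule or a correct receiver should flag rather than honour.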