diff options
| author | Emilia Kasper <emilia@openssl.org> | 2016-02-24 12:59:59 +0100 |
|---|---|---|
| committer | Emilia Kasper <emilia@openssl.org> | 2016-02-25 15:42:48 +0100 |
| commit | 380f18ed5f140e0ae1b68f3ab8f4f7c395658d9e (patch) | |
| tree | 83e686e480f176176595a3b2f388be366b774b08 /util | |
| parent | 37529928faa8456e85a9c5ad9255517da8dd0c61 (diff) | |
CVE-2016-0798: avoid memory leak in SRP
The SRP user database lookup method SRP_VBASE_get_by_user had confusing
memory management semantics; the returned pointer was sometimes newly
allocated, and sometimes owned by the callee. The calling code has no
way of distinguishing these two cases.
Specifically, SRP servers that configure a secret seed to hide valid
login information are vulnerable to a memory leak: an attacker
connecting with an invalid username can cause a memory leak of around
300 bytes per connection.
Servers that do not configure SRP, or configure SRP but do not configure
a seed are not vulnerable.
In Apache, the seed directive is known as SSLSRPUnknownUserSeed.
To mitigate the memory leak, the seed handling in SRP_VBASE_get_by_user
is now disabled even if the user has configured a seed.
Applications are advised to migrate to SRP_VBASE_get1_by_user. However,
note that OpenSSL makes no strong guarantees about the
indistinguishability of valid and invalid logins. In particular,
computations are currently not carried out in constant time.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'util')
| -rwxr-xr-x | util/libeay.num | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/util/libeay.num b/util/libeay.num index ca8e9ece68..ad7ad9df85 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -4073,7 +4073,7 @@ OPENSSL_memcmp 4565 1_1_0 EXIST::FUNCTION: OPENSSL_strncasecmp 4566 1_1_0 EXIST::FUNCTION: OPENSSL_gmtime 4567 1_1_0 EXIST::FUNCTION: OPENSSL_gmtime_adj 4568 1_1_0 EXIST::FUNCTION: -SRP_VBASE_get_by_user 4569 1_1_0 EXIST::FUNCTION:SRP +SRP_VBASE_get_by_user 4569 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SRP SRP_Calc_server_key 4570 1_1_0 EXIST::FUNCTION:SRP SRP_create_verifier 4571 1_1_0 EXIST::FUNCTION:SRP SRP_create_verifier_BN 4572 1_1_0 EXIST::FUNCTION:SRP @@ -4711,3 +4711,5 @@ OPENSSL_thread_stop 5213 1_1_0 EXIST::FUNCTION: OPENSSL_INIT_new 5215 1_1_0 EXIST::FUNCTION: OPENSSL_INIT_free 5216 1_1_0 EXIST::FUNCTION: OPENSSL_INIT_set_config_filename 5217 1_1_0 EXIST::FUNCTION: +SRP_user_pwd_free 5218 1_1_0 EXIST::FUNCTION:SRP +SRP_VBASE_get1_by_user 5219 1_1_0 EXIST::FUNCTION:SRP |