[From nobody Sat Mar 21 13:49:06 2026
Received: (at submit) by bugs.debian.org; 21 Mar 2014 06:04:13 +0000
X-Spam-Checker-Version: SpamAssassin 3.3.2-bugs.debian.org_2005_01_02
 (2011-06-06) on buxtehude.debian.org
X-Spam-Level: 
X-Spam-Status: No, score=-14.9 required=4.0 tests=BAYES_00, FOURLA, HAS_PACKAGE,
 SPF_FAIL,XMAILER_REPORTBUG,X_DEBBUGS_CC autolearn=ham
 version=3.3.2-bugs.debian.org_2005_01_02
X-Spam-Bayes: score:0.0000 Tokens: new, 38; hammy, 148; neutral, 100; spammy,
 3. spammytokens:0.999-1--H*r:sk:50-192-, 0.999-1--H*RU:sk:50-192-,
 0.997-1--Hx-spam-relays-external:sk:50-192- hammytokens:0.000-+--H*x:6.4.4,
 0.000-+--H*UA:6.4.4, 0.000-+--H*M:reportbug, 0.000-+--H*MI:reportbug,
 0.000-+--H*x:reportbug
Return-path: &lt;debian@bwysystems.com&gt;
Received: from 50-192-119-81-static.hfc.comcastbusiness.net ([50.192.119.81]
 helo=[127.0.1.1]) by buxtehude.debian.org with esmtp (Exim 4.80)
 (envelope-from &lt;debian@bwysystems.com&gt;) id 1WQsYu-0007ad-Eg
 for submit@bugs.debian.org; Fri, 21 Mar 2014 06:04:13 +0000
Content-Type: text/plain; charset=&quot;us-ascii&quot;
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Brandon &lt;debian@bwysystems.com&gt;
To: Debian Bug Tracking System &lt;submit@bugs.debian.org&gt;
Subject: libssl1.0.0: TLSv1_client_method()/SSL_Connect() heap overrun
Message-ID: &lt;20140321060411.24666.39288.reportbug@flux&gt;
X-Mailer: reportbug 6.4.4
Date: Fri, 21 Mar 2014 02:04:11 -0400
X-Debbugs-Cc: debian@bwysystems.com
Delivered-To: submit@bugs.debian.org

Package: libssl1.0.0
Version: 1.0.1e-2+deb7u4
Severity: normal

Dear Maintainer,

When creating a client context with SSL_CTX_new(TLSv1_client_method()),
SSL_Connect() triggers a heap overrun with the following output from valgrind:

==24315== Thread 10:
==24315== Invalid write of size 4
==24315==    at 0x4C2B4FF: memset (mc_replace_strmem.c:966)
==24315==    by 0x5894BAE: MD5_Final (md5.c:293)
==24315==    by 0x72A8CED: EVP_DigestFinal_ex (digest.c:272)
==24315==    by 0x673797A: ssl3_get_key_exchange (s3_clnt.c:1782)
==24315==    by 0x673B042: ssl3_connect (s3_clnt.c:359)
==24315==    by 0x58818EE: _sock_connected (sock.c:596)
==24315==    by 0x587A531: _thread (thread.c:644)
==24315==    by 0x5442B4F: start_thread (pthread_create.c:304)
==24315==  Address 0x7866694 is 0 bytes after a block of size 100 alloc'd
==24315==    at 0x4C28BED: malloc (vg_replace_malloc.c:263)
==24315==    by 0x721B77F: CRYPTO_malloc (mem.c:308)
==24315==    by 0x72A8B48: EVP_DigestInit_ex (digest.c:210)
==24315==    by 0x673791A: ssl3_get_key_exchange (s3_clnt.c:1777)
==24315==    by 0x673B042: ssl3_connect (s3_clnt.c:359)
==24315==    by 0x58818EE: _sock_connected (sock.c:596)
==24315==    by 0x587A531: _thread (thread.c:644)
==24315==    by 0x5442B4F: start_thread (pthread_create.c:304)
==24315==

SSL_Connect() returned WANT_READ, and once there was data on the socket calling
SSL_Connect() the second time triggered the bug.

The bug is fixed by creating a context with SSLv23_client_method() instead.

Thanks,
Brandon


-- System Information:
Debian Release: 7.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libssl1.0.0 depends on:
ii  debconf [debconf-2.0]  1.5.49
ii  libc6                  2.13-38+deb7u1
ii  multiarch-support      2.13-38+deb7u1
ii  zlib1g                 1:1.2.7.dfsg-13

libssl1.0.0 recommends no packages.

libssl1.0.0 suggests no packages.

-- debconf information excluded
]