Full Disclosure mailing list archives
Re: incorrect integer conversions in OpenSSL can result in memory corruption.
From: Benjamin Kreuter <ben.kreuter () gmail com>
Date: Thu, 19 Apr 2012 10:32:01 -0400
On Thu, 19 Apr 2012 12:35:22 +0200 Tavis Ormandy <taviso () cmpxchg8b com> wrote:
All versions of OpenSSL on all platforms up to and including version 1.0.1 are affected.
[snip]
BUF_MEM_grow_clean accepts a size_t, but the subroutine it uses to handle the allocation only accepts a 32bit signed integer.
Correct me if I am wrong, but shouldn't this only be a problem on systems where a size_t is wider than an int i.e. not on 32 bit systems?

-- Ben

--
Benjamin R Kreuter
UVA Computer Science
brk7bx () virginia edu
KK4FJZ

--
"If large numbers of people are interested in freedom of speech, there will be freedom of speech, even if the law forbids it; if public opinion is sluggish, inconvenient minorities will be persecuted, even if laws exist to protect them." - George Orwell
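The narrowing discussed in this message, as an added example that is not part of the original post and is not OpenSSL's code: a `size_t` length handed to a helper whose parameter is a signed `int`, next to a caller that range-checks first. The names `helper_sees`, `grow_unchecked` and `grow_checked` are hypothetical, and the unchecked results assume a 32-bit `int` and a compiler that wraps out-of-range conversions modulo 2^32 (GCC and Clang do).

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for an allocation helper that takes its length as a
 * signed int. It only reports the length it actually received. */
static long long helper_sees(int num) { return (long long)num; }

/* Unchecked caller: the size_t is narrowed to int at the call. Converting an
 * out-of-range value is implementation-defined; the assumed behaviour is
 * wrap-around, so the helper can see a negative or much smaller length than
 * the one the caller believes it requested. */
long long grow_unchecked(size_t len) { return helper_sees((int)len); }

/* Checked caller: reject any length the int parameter cannot represent.
 * Returns -1 on rejection, which cannot collide with an accepted length. */
long long grow_checked(size_t len) {
    if (len > (size_t)INT_MAX)
        return -1;
    return helper_sees((int)len);
}

int main(void) {
    /* Constructed sample lengths. INT_MAX + 1 fits in size_t even when
     * size_t is only 32 bits wide. */
    size_t above_int = (size_t)INT_MAX + 1;
    printf("%zu: unchecked helper sees %lld, checked returns %lld\n",
           above_int, grow_unchecked(above_int), grow_checked(above_int));
#if SIZE_MAX > UINT_MAX
    /* Only expressible when size_t is wider than int. */
    size_t wide = ((size_t)1 << 32) + 16;
    printf("%zu: unchecked helper sees %lld, checked returns %lld\n",
           wide, grow_unchecked(wide), grow_checked(wide));
#endif
    printf("%d: unchecked helper sees %lld, checked returns %lld\n",
           4096, grow_unchecked(4096), grow_checked(4096));
    return 0;
}
```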
Current thread:
- incorrect integer conversions in OpenSSL can result in memory corruption. Tavis Ormandy (Apr 19)
- Re: incorrect integer conversions in OpenSSL can result in memory corruption. Benjamin Kreuter (Apr 19)
- Re: incorrect integer conversions in OpenSSL can result in memory corruption. Douglas Huff (Apr 20)
- Re: incorrect integer conversions in OpenSSL can result in memory corruption. Jeffrey Walton (Apr 21)
- Re: incorrect integer conversions in OpenSSL can result in memory corruption. Zach C. (Apr 21)
- Re: incorrect integer conversions in OpenSSL can result in memory corruption. Jeffrey Walton (Apr 21)
- Re: incorrect integer conversions in OpenSSL can result in memory corruption. Benjamin Kreuter (Apr 19)
- Re: incorrect integer conversions in OpenSSL can result in memory corruption. sd (Apr 24)