Vulnerability Development mailing list archives
Re: x509 cert parsing in web browsers
From: pgut001 () cs auckland ac nz (Peter Gutmann)
Date: Mon, 9 Sep 2002 13:43:45 +1200 (NZST)
Michal Zalewski <lcamtuf () dione ids pl> writes:
> The certificate format is built around ASN.1 and uses arbitrarily imposed length limitations on bounded strings that describe the certificate. Quite obviously, this is asking for problems; many implementors may assume this is the absolute maximum and may not be prepared to handle any more.
Actually it's quite sensible: it provides a sane upper limit to check for problems, in the same way that any well-designed protocol (and standards in general, e.g. the C language standard) will provide upper limits to eliminate problems with arbitrary data input (in C's case things like recursive macro expansion).
> After a ten minute test, it turned out that most mainstream browsers failed miserably at some point, at minimum allowing DoS because of resource starvation due to apparent parser bugs (Opera), or simply crashing (Netscape, Mozilla).
When I looked at this in a previous century, both Netscape and MSIE could handle arbitrary-length components (> 1MB, where the limit was supposed to be ~100 bytes). Both were half as fast as a heavily-sedated sloth in processing these certs, and I had to delete the Netscape cert DB afterwards to make the program usable again. I never explored it further, but it was obvious that neither of the two were doing any range checking on input, which was kind of worrying for a security-checking application.

Peter.
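As an added illustration of the range checking the reply says was missing (this is example code, not anything from either poster): a minimal DER tag/length reader that rejects indefinite, non-minimal, truncated and buffer-exceeding encodings, plus a check that enforces an upper bound on a string-typed name component. The 128-byte bound and the helper names are assumptions for the example; X.509 defines its own per-field limits.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Assumed upper bound for one bounded name string; X.509 sets such limits, this value is illustrative. */
#define MAX_NAME_COMPONENT 128

/* Decode one DER tag/length header from buf[0..len). Returns the header size and sets *tag/*clen,
 * or 0 if the encoding is malformed, indefinite, non-minimal, or claims more content than len holds. */
size_t der_read_header(const uint8_t *buf, size_t len, uint8_t *tag, size_t *clen)
{
    size_t pos = 2, n = 0;
    if (len < 2 || (buf[0] & 0x1f) == 0x1f) return 0;   /* too short, or multi-byte tag (not handled) */
    *tag = buf[0];
    if (buf[1] < 0x80) {
        n = buf[1];                                       /* short form: one octet, length < 128 */
    } else {
        size_t nbytes = buf[1] & 0x7f;                    /* long form: number of length octets */
        if (nbytes == 0 || nbytes > sizeof n) return 0;   /* 0x80 = indefinite (BER only); too many octets */
        if (nbytes > len - pos || buf[pos] == 0) return 0;/* length field truncated, or leading zero octet */
        for (size_t i = 0; i < nbytes; i++) n = (n << 8) | buf[pos++];
        if (n < 0x80) return 0;                           /* DER requires the short form for < 128 */
    }
    if (n > len - pos) return 0;                          /* content would run past the buffer */
    *clen = n;
    return pos;
}

/* Accept one string-typed component; return its content length, or -1 if header, tag or bound fails. */
int check_name_component(const uint8_t *buf, size_t len)
{
    uint8_t tag; size_t clen;
    if (der_read_header(buf, len, &tag, &clen) == 0) return -1;
    /* UTF8String, PrintableString, T61String, IA5String, BMPString */
    if (tag != 0x0c && tag != 0x13 && tag != 0x14 && tag != 0x16 && tag != 0x1e) return -1;
    if (clen > MAX_NAME_COMPONENT) return -1;             /* the range check the post found missing */
    return (int)clen;
}

/* Build a constructed PrintableString of n 'A's with minimal DER length encoding and run the check. */
int check_component_of_length(size_t n)
{
    uint8_t buf[4 + 4096], *p = buf;
    if (n > 4096) return -2;
    *p++ = 0x13;
    if (n < 0x80)       { *p++ = (uint8_t)n; }
    else if (n < 0x100) { *p++ = 0x81; *p++ = (uint8_t)n; }
    else                { *p++ = 0x82; *p++ = (uint8_t)(n >> 8); *p++ = (uint8_t)n; }
    memset(p, 'A', n);
    return check_name_component(buf, (size_t)(p - buf) + n);
}
```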
Current thread:
- x509 cert parsing in web browsers Michal Zalewski (Sep 08)
- x509 cert parsing in web browsers Administrator Serwera TEK-ART (Sep 08)
- Re: x509 cert parsing in web browsers Fernando J. Pando (Sep 09)
- Re: x509 cert parsing in web browsers Peter Gutmann (Sep 08)
- Re: x509 cert parsing in web browsers Valdis . Kletnieks (Sep 09)