URL: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1d36fe0df74266be57878f16f80790d41dfcf6c
Submitter: Alexis La Goutte (alexis.lagou...@gmail.com)
Changed: branch: master
Repository: wireshark

Commits:

b1d36fe by Peter Wu (pe...@lekensteyn.nl):

    ssl-utils: remove block and key sizes from cipher suites table
    
    There was an implicit dependency between the block size in the cipher
    suites table and the size expected by Libgcrypt. Just remove the block
    size from the table and rely on the value from Libgcrypt to avoid the
    risk of mismatching values (which could lead to a buffer overflow).
    
    While at it, remove the size of the key ("bits") and the size of key
    material ("eff_bits") too. Move the key material sizes for export
    ciphers away from the table and use byte quantities instead of bits.
    
    Additionally, this fixes an issue where 8 bytes of uninitialized stack
    memory is written to the SSL debug log for stream ciphers like RC4.
    The size of the Write Key is also corrected for export ciphers, now it
    prints the actual (restricted) number of bytes that are used.
    
    Change-Id: I71d3c83ece0f02b2e11e45455dc08c41740836be
    Reviewed-on: https://code.wireshark.org/review/17714
    Petri-Dish: Peter Wu <pe...@lekensteyn.nl>
    Tested-by: Petri Dish Buildbot <buildbot-no-re...@wireshark.org>
    Reviewed-by: Alexis La Goutte <alexis.lagou...@gmail.com>
    

Actions performed:

    from  979df81   ssl-utils: fix buffer overrun (read) with AEAD cipher suites
    adds  b1d36fe   ssl-utils: remove block and key sizes from cipher suites 
table


Summary of changes:
 epan/dissectors/packet-ssl-utils.c |  709 +++++++++++++++++++-----------------
 epan/dissectors/packet-ssl-utils.h |   10 +-
 epan/dissectors/packet-ssl.c       |    2 +-
 3 files changed, 390 insertions(+), 331 deletions(-)
___________________________________________________________________________
Sent via:    Wireshark-commits mailing list <wireshark-commits@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-commits
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-commits
             mailto:wireshark-commits-requ...@wireshark.org?subject=unsubscribe

Reply via email to