Submitter: Alexis La Goutte (alexis.lagou...@gmail.com)
Changed: branch: master
b1d36fe by Peter Wu (pe...@lekensteyn.nl):
ssl-utils: remove block and key sizes from cipher suites table
There was an implicit dependency between the block size in the cipher
suites table and the size expected by Libgcrypt. Just remove the block
size from the table and rely on the value from Libgcrypt to avoid the
risk of mismatching values (which could lead to a buffer overflow).
While at it, remove the size of the key ("bits") and the size of key
material ("eff_bits") too. Move the key material sizes for export
ciphers away from the table and use byte quantities instead of bits.
Additionally, this fixes an issue where 8 bytes of uninitialized stack
memory is written to the SSL debug log for stream ciphers like RC4.
The size of the Write Key is also corrected for export ciphers, now it
prints the actual (restricted) number of bytes that are used.
Petri-Dish: Peter Wu <pe...@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-re...@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagou...@gmail.com>
from 979df81 ssl-utils: fix buffer overrun (read) with AEAD cipher suites
adds b1d36fe ssl-utils: remove block and key sizes from cipher suites
Summary of changes:
epan/dissectors/packet-ssl-utils.c | 709 +++++++++++++++++++-----------------
epan/dissectors/packet-ssl-utils.h | 10 +-
epan/dissectors/packet-ssl.c | 2 +-
3 files changed, 390 insertions(+), 331 deletions(-)
Sent via: Wireshark-commits mailing list <firstname.lastname@example.org>