URL: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a7a4846eb1ddcbf56030f2677b2792423e26f400
Submitter: Peter Wu (pe...@lekensteyn.nl)
Changed: branch: master-2.0
Repository: wireshark

Commits:

a7a4846 by Peter Wu (pe...@lekensteyn.nl):

    ssl-utils: fix buffer overrun (read) with AEAD cipher suites
    
    ssl_cipher_init should only set the IV for CBC cipher suites. NULL
    cipher suites will not invoke gcry_cipher_setiv and AEAD ciphers will
    set the nonce in a different place anyway.
    
    Fixes a buffer overrun (read) by 12 bytes for any AES-CCM and AES-GCM
    cipher suite because the "block size" is set to 4 bytes while the
    reported block size for AES is 16 bytes (128 bit). (The four bytes are
    the "salt" part of the nonce that is extracted from the "client/server
    write IV" part of the key block.)
    
    Observed with the DTLS packet capture from
    
https://ask.wireshark.org/questions/55487/decrypt-application-data-pending-dtls-abbreviated-handshake-using-psk
    
    Change-Id: I4cc7216f2d77cbd1eac9a40dca3fdfde7e7b3680
    Reviewed-on: https://code.wireshark.org/review/17713
    Petri-Dish: Peter Wu <pe...@lekensteyn.nl>
    Tested-by: Petri Dish Buildbot <buildbot-no-re...@wireshark.org>
    Reviewed-by: Alexis La Goutte <alexis.lagou...@gmail.com>
    (cherry picked from commit 979df813dc60358d3f6972d6ca8f5c97ea7b747b)
    Reviewed-on: https://code.wireshark.org/review/17730
    Reviewed-by: Peter Wu <pe...@lekensteyn.nl>
    

Actions performed:

    from  73892d4   Fix a test to work with Xcode 8.
    adds  a7a4846   ssl-utils: fix buffer overrun (read) with AEAD cipher suites


Summary of changes:
 epan/dissectors/packet-ssl-utils.c |    9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
___________________________________________________________________________
Sent via:    Wireshark-commits mailing list <wireshark-commits@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-commits
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-commits
             mailto:wireshark-commits-requ...@wireshark.org?subject=unsubscribe

Reply via email to