Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 9512] New: dtls: fix buffer overflow in mac check

Wireshark-bugs: [Wireshark-bugs] [Bug 9512] New: dtls: fix buffer overflow in mac check

Date: Thu, 05 Dec 2013 16:40:36 +0000

Bug ID	9512
Summary	dtls: fix buffer overflow in mac check
Classification	Unclassified
Product	Wireshark
Version	SVN
Hardware	All
OS	All
Status	UNCONFIRMED
Severity	Critical
Priority	Low
Component	Dissection engine (libwireshark)
Assignee	[email protected]
Reporter	[email protected]

Created attachment 12237 [details]
dtls: fix buffer overflow in mac check

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
With SHA256 32 bytes and with SHA384 48 bytes are needed for the hash
in dtls_check_mac(), but it only had 20, which was enough for SHA1.
In dtls_check_mac() ssl_hmac_final() is called with a buffer of 20
bytes, but it needed more, which caused a buffer overflow.

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 9499] DTLS: add decrypt support for TLS_PSK_WITH_AES_128_CCM_8
Next by Date: [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
Previous by thread: [Wireshark-bugs] [Bug 9511] Dissectors are called MANY more times with qtshark than with wireshark
Next by thread: [Wireshark-bugs] [Bug 9512] dtls: fix buffer overflow in mac check
Index(es):
- Date
- Thread