Security Bug due to Unchecked use of GnuTLS function
Yuan Jochen Kang
yjk2106 at columbia.edu
Mon Apr 18 19:39:17 EDT 2016
Yes, I agree with your assessment.
On Tue, Apr 12, 2016 at 9:47 AM, Ethan Blanton <elb at pidgin.im> wrote:
> Yuan Jochen Kang spake unto us the following wisdom:
> > We are security researchers at Columbia University and the University of
> > Virginia. As part of a research project, we have built a tool for
> > automatically finding error handling bugs and are testing it on various
> > cryptographic libraries and applications that use them.
> > We discovered that failures of gnutls_x509_crt_init are sometimes
> > which could make the resulting certificate invalid.
> I see two instances of this. I agree that it is a problem, and needs
> to be fixed.
> However, I think (please correct me if I am wrong) that the
> possibility for failure is extremely small (analysis follows), and in
> fact likely to be caught in other ways that mitigate the problem.
> Therefore, I would suggest that we add this fix to our queue of
> security fixes for the next regular release (which I believe is
> currently empty) and perform a coordinated release (with CVE) at that
> I think this is a pretty slim possibility because, after having
> examined the gnutls source, it appears that the function in question
> can fail in only three circumstances:
> 1) GnuTLS has not been initialized or is not properly configured.
> This would have caused a failure somewhere else. We shouldn't rely
> on that, but it is certainly a mitigating factor.
> 2) A failure to allocate memory. This is mitigated by the fact that
> Pidgin aborts on failure to allocate, and so it will almost
> certainly fail elsewhere in this process and abort before any
> substantial damage can be done. It's true that this is a race
> (gnutls potentially uses a different allocator than Pidgin, which
> uses the glib allocator), so a bug that allowed arbitrary
> allocation pre-SSL-handshake, for example, could make this gnutls
> bug much worse; however, I think the window is relatively small and
> the likelihood of exploiting low.
> 3) A failure in the ASN.1 dictionary. This indicates a
> misconfiguration/mis-installation/error in GnuTLS itself. In this
> case, I doubt we can trust its certificate verification anyway!
> Even if we can, it's likely to fail somewhere else that is
> So, in summary, I completely agree that this is an error that should
> be corrected, but I don't think it's an emergency. Agreed?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the security