[tor-talk] Another openssl advisory: Tor seems not to be affected

Ondrej Mikle ondrej.mikle at gmail.com
Fri Apr 20 15:44:53 UTC 2012


On Thu, Apr 19, 2012 at 4:52 PM, Nick Mathewson <nickm at freehaven.net> wrote:
> Hi, all!
>
> It looks like there is an openssl security advisory affecting some but
> not all of the ASN.1 parsing code. The announcement is here:
>
> http://openssl.org/news/secadv_20120419.txt
>
> And the full-disclosure posting is here:
>
> http://seclists.org/fulldisclosure/2012/Apr/210
>
> It looks like there is an openssl security advisory affecting some but
> not all of the ASN.1 parsing code.  In short, the d2i_*_bio functions
> and the d2i_*_fp functions are vulnerable to hostile input, but the
> regular in-memory d2i_* functions, and the PEM_* functions, are not.
> Tor only calls the safe d2i_* functions and the safe PEM_* functions,
> and (as near as I can tell) doesn't call any part of OpenSSL that
> calls an unsafe function.
>
> So it appears that Tor is not affected by this.  (I invite everybody
> to check my work here, of course.)

I re-checked - I took openssl 1.0.0g, created call graph by hand (too
many macros at some points to use automated tools) by looking what
calls the affected functions. I can confirm that I didn't find any of
the functions in Tor (latest git head).

I checked some other software like Firefox 11 (including NSS, NSPR and
XulRunner, but without TBB patches). Seems also not to be affected.

Some software was found that used the vulnerable functions, but always
to read from disk (even though in theory the *bio functions can read
from a memory buffer). That means an attacker would need to change the
certificates or other ASN.1 structures on disk.

If anybody wants to check, here is a regexp I ended up with that
should contain all the possible entry points to openssl that could
lead to vulnerable function (asn1_d2i_read_bio):

find . -type f -exec grep -nHP \
'(asn1_d2i_read_bio|ASN1_d2i_bio|ASN1_d2i_fp|d2i_RSA_PUBKEY_fp|ASN1_item_d2i_bio|ASN1_item_d2i_fp|d2i_PKCS12_fp|d2i_X509_fp|d2i_X509_CRL_fp|d2i_PKCS7_fp|d2i_X509_REQ_fp|d2i_RSAPrivateKey_fp|d2i_RSAPublicKey_fp|b64_read_asn1|SMIME_read_ASN1|SMIME_read_CMS|SMIME_read_PKCS7|d2i_CMS_bio|d2i_PKCS12_bio|d2i_X509_bio|X509_load_cert_file|SSL_use_certificate_file|d2i_X509_CRL_bio|X509_load_crl_file|get_cert_by_subject|x509_dir_lookup|X509_LOOKUP_hash_dir|X509_STORE_set_default_paths|SSL_CTX_set_default_verify_paths|X509_STORE_load_locations|SSL_CTX_load_verify_locations|d2i_PKCS7_bio|d2i_X509_REQ_bio|d2i_RSAPrivateKey_bio|SSL_use_RSAPrivateKey_file|SSL_CTX_use_RSAPrivateKey_file|d2i_RSAPublicKey_bio)' \
{} ';'

Ondrej

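An added example (not from this thread, and not Tor's or OpenSSL's code): a Python port of the same search that walks a tree, reports every hit with file and line, and tags each one as either a d2i_*_bio / d2i_*_fp reader or one of the higher-level loaders from the regexp that reach those readers internally. The name list is copied from the grep command above; the direct/indirect split, the extension filter and the constructed C snippet used for the demo run are this example's own assumptions.

```python
"""Scan a source tree for the OpenSSL entry points from the regexp in
the mail (the *_bio/*_fp ASN.1 readers and the helpers that call them).
Added example; not code from the tor-talk thread, Tor, or OpenSSL."""
import os
import re
import sys
from collections import Counter
from typing import Dict, List, NamedTuple

# Direct readers: the d2i_*_bio / d2i_*_fp family that ends up in
# asn1_d2i_read_bio.  Names copied from the regexp in the mail.
DIRECT = [
    "asn1_d2i_read_bio", "ASN1_d2i_bio", "ASN1_d2i_fp", "ASN1_item_d2i_bio",
    "ASN1_item_d2i_fp", "d2i_RSA_PUBKEY_fp", "d2i_PKCS12_fp", "d2i_X509_fp",
    "d2i_X509_CRL_fp", "d2i_PKCS7_fp", "d2i_X509_REQ_fp", "d2i_RSAPrivateKey_fp",
    "d2i_RSAPublicKey_fp", "d2i_CMS_bio", "d2i_PKCS12_bio", "d2i_X509_bio",
    "d2i_X509_CRL_bio", "d2i_PKCS7_bio", "d2i_X509_REQ_bio",
    "d2i_RSAPrivateKey_bio", "d2i_RSAPublicKey_bio",
]
# Higher-level helpers from the same regexp (file/directory loaders and
# S/MIME readers) that reach the readers internally.  The direct/indirect
# grouping is this example's own, not part of the advisory.
INDIRECT = [
    "b64_read_asn1", "SMIME_read_ASN1", "SMIME_read_CMS", "SMIME_read_PKCS7",
    "X509_load_cert_file", "SSL_use_certificate_file", "X509_load_crl_file",
    "get_cert_by_subject", "x509_dir_lookup", "X509_LOOKUP_hash_dir",
    "X509_STORE_set_default_paths", "SSL_CTX_set_default_verify_paths",
    "X509_STORE_load_locations", "SSL_CTX_load_verify_locations",
    "SSL_use_RSAPrivateKey_file", "SSL_CTX_use_RSAPrivateKey_file",
]

# Longest names first so a short alternative never shadows a longer one
# at the same offset.  Plain substring match, like the grep -P command.
_PATTERN = re.compile("|".join(
    re.escape(n) for n in sorted(DIRECT + INDIRECT, key=len, reverse=True)))
_DIRECT_SET = frozenset(DIRECT)


class Hit(NamedTuple):
    path: str
    line: int
    func: str
    kind: str  # "direct" or "indirect"


def scan_text(text: str, path: str = "<memory>") -> List[Hit]:
    """Return every entry-point occurrence in `text`, with 1-based line numbers."""
    hits: List[Hit] = []
    for no, line in enumerate(text.splitlines(), 1):
        for m in _PATTERN.finditer(line):
            name = m.group(0)
            kind = "direct" if name in _DIRECT_SET else "indirect"
            hits.append(Hit(path, no, name, kind))
    return hits


def scan_tree(root: str,
              exts=(".c", ".cc", ".cpp", ".h", ".hpp", ".m", ".py", ".go", ".rs")
              ) -> List[Hit]:
    """Walk `root` and scan every file whose suffix is in `exts` (assumed list)."""
    hits: List[Hit] = []
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            if not fn.endswith(exts):
                continue
            p = os.path.join(dirpath, fn)
            try:
                with open(p, encoding="utf-8", errors="replace") as f:
                    hits.extend(scan_text(f.read(), p))
            except OSError:
                continue  # unreadable file: skip, keep scanning
    return hits


def summary(hits: List[Hit]) -> Dict[str, int]:
    """Count hits per kind, e.g. {'direct': 1, 'indirect': 1}."""
    return dict(Counter(h.kind for h in hits))


# Constructed sample source, not taken from any real project.  Line 5 uses
# the in-memory d2i_X509(), which the mail describes as safe, and must not
# be reported.
SAMPLE = "\n".join([
    "/* constructed sample, not taken from any real project */",
    "#include <openssl/x509.h>",
    "#include <openssl/ssl.h>",
    "X509 *load_from_disk(FILE *fp) { return d2i_X509_fp(fp, NULL); }",
    "X509 *load_from_mem(const unsigned char **p, long n) { return d2i_X509(NULL, p, n); }",
    'int trust(SSL_CTX *ctx) { return SSL_CTX_load_verify_locations(ctx, "ca.pem", NULL); }',
])

if __name__ == "__main__":
    found = scan_tree(sys.argv[1]) if len(sys.argv) > 1 else scan_text(SAMPLE, "sample.c")
    for h in found:
        print(f"{h.path}:{h.line}: {h.func} ({h.kind})")
    print("summary:", summary(found) or "no entry points found")
```

Run it with a directory argument to scan a checkout; with no argument it scans the embedded sample and reports the d2i_X509_fp call and the SSL_CTX_load_verify_locations call, but not the in-memory d2i_X509. Like the original grep, it is a textual match, so a hit only tells you where to read the call site and ask whether the BIO or FILE is fed from disk or from network input.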