Skip to content

SSL session is leaked #35

Description

@jmp0x7c00

the variable ssl_session_outside is a pointer that holds an untrusted address (outside enclave)

+ ocall_malloc((void**)&ssl_session_outside, sizeof(*ssl_session_outside));

the enclave code copies SSL session to the untrusted target buffer by memcpy, which results in privacy leakage.

+ memcpy(ssl_session_outside, ssl->session, sizeof(*ssl_session_outside));

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions