iOS code bug that even YOU could have spotted
Posted: 24 Feb 2014, 09:32
goto fail; INDEED

www.cs.columbia.edu wrote:
As you've probably heard by now, there's a serious bug in the TLS implementations in iOS (the iPhone and iPad operating system) and MacOS. I'll skip the details (but see Adam Langley's excellent blog post if you're interested); the effect is that under certain conditions, an attacker can sit in the middle of an encrypted connection and read all of the traffic.
Here's the code in question:

    if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
        goto fail;
    if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
        goto fail;
        goto fail;
    if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
        goto fail;

Note the doubled

    goto fail;
    goto fail;

That's incorrect and is at the root of the problem.
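
The control flow quoted above, reduced to a runnable C program beside a braced version; this is an added example, not part of the original post and not Apple's code. The helper `step()` and the parameter `later_step_ok` are hypothetical stand-ins for the `SSLHashSHA1` calls and for the outcome of the step that follows the doubled `goto`.

```c
#include <stdio.h>

/* Hypothetical stand-in for one SSLHashSHA1.* call: 0 = success, -1 = failure. */
static int step(int ok) { return ok ? 0 : -1; }

/* Same shape as the quoted snippet. The second goto is not guarded by the
   if above it, so it always runs, and err is still 0 from the successful
   update. gcc's -Wmisleading-indentation (part of -Wall since GCC 6) and
   clang's -Wunreachable-code both point at this pattern. */
int check_flawed(int later_step_ok)
{
    int err;
    if ((err = step(1)) != 0)
        goto fail;
    if ((err = step(1)) != 0)
        goto fail;
        goto fail;                          /* always taken */
    if ((err = step(later_step_ok)) != 0)   /* never reached */
        goto fail;
fail:
    return err;                             /* 0 is reported as success */
}

/* Braces on every branch, no stray jump: the last step is evaluated. */
int check_fixed(int later_step_ok)
{
    int err;
    if ((err = step(1)) != 0) {
        goto fail;
    }
    if ((err = step(1)) != 0) {
        goto fail;
    }
    if ((err = step(later_step_ok)) != 0) {
        goto fail;
    }
fail:
    return err;
}

int main(void)
{
    printf("flawed, later step fails: err = %d\n", check_flawed(0));
    printf("fixed,  later step fails: err = %d\n", check_fixed(0));
    return 0;
}
```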