Segfault in X509 file analyzer

Description

Bro segfaults in src/file_analysis/x509/functions.bif:256, due to base->certs being NULL.

Environment

None

Activity

Show:
Johanna Amann
June 30, 2014, 6:07 PM

Hello Marek,

would it perhaps be possible to create a test pcap that produces the crash? When I connect to ocsp.digicert.com:443 and request ocsp stapling, everything seems to work as expected (example trace at http://www.icir.org/johanna/traces/ocsp-stapling-digicert.pcap).

Marek Balint
June 30, 2014, 3:33 PM

Hi, the server is ocsp.digicert.com.

Johanna Amann
June 30, 2014, 3:08 PM

May I ask which server you encountered this bug with? That might make writing a testcase a bit easier...

Johanna Amann
June 30, 2014, 3:07 PM

Ah, sorry, you are right. That apparently is another special case I did not come accross (or think of) during my tests. :/

Marek Balint
June 30, 2014, 2:49 PM

It is released 2.3 (not beta). The file in question is on ff00c0786af01bddc8aa5b455edbb214ff06c4e7.

Merged

Assignee

Robin Sommer

Reporter

Marek Balint

Labels

None

External issue ID

None

Components

Fix versions

Affects versions

Priority

Normal