Crash with buffer overflow detected #94

Closed
1div0 opened this issue Nov 12, 2023 · 5 comments

Comments

@1div0
Contributor

1div0 commented Nov 12, 2023

I have repeatedly observed the crash with suspicious console output:

Short read: -48141 bytes available (expecting 2)

F39 1.8-1

Log and relevant packet capture attached.
SSLdump.log
Cloudflare.pcapng.gz

@1div0
Contributor Author

1div0 commented Aug 5, 2024

Yet another crash. This time_t with the Brave updater served by AWS.

New TCP connection #4190: Pascal(57360) <-> ec2-52-37-203-8.us-west-2.compute.amazonaws.com(443)
4190 1 0.2135 (0.2135) C>S Handshake
ClientHello
Version 3.3
resume [32]=
4f ba 85 f6 ab 2c 27 72 59 79 61 2d ec bd 9a 43
57 b5 68 63 e3 06 a0 54 19 e2 2e 64 06 92 ee 36
cipher suites
GREASE 0xAAAA
TLS_AES_128_GCM_SHA256
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
compression methods
NULL
extensions
signed_certificate_timestamp
signature_algorithms
key_share
renegotiation_info
extended_master_secret
supported_versions
version: 218.218
version: 3.4
version: 3.3
ec_point_formats
ec point format uncompressed

status_request
session_ticket
compress_certificate
application_layer_protocol_negotiation
psk_key_exchange_modes
server_name
host_name: go-updater.brave.com
supported_groups
supported group

Short read: -20 bytes available (expecting 2)
4190 2 0.4326 (0.2191) S>C Handshake
ServerHello
Version 3.3
session_id[32]=
4f ba 85 f6 ab 2c 27 72 59 79 61 2d ec bd 9a 43
57 b5 68 63 e3 06 a0 54 19 e2 2e 64 06 92 ee 36
cipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
compressionMethod NULL
extensions
ec_point_formats
renegotiation_info
application_layer_protocol_negotiation
extended_master_secret
*** buffer overflow detected ***: terminated
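The supported_groups entry above prints empty and is followed by "Short read: -20 bytes available (expecting 2)": the decoder asked for two more bytes after its remaining-length counter had already gone below zero, which a counter can only do if a declared length larger than what was actually left was subtracted from it before being checked. The C below is an added example, not ssldump's decoder. It walks a ClientHello extensions block with an unsigned remaining count that is checked before every read, so a supported_groups extension whose declared length runs past the end of the record returns an error instead of a negative byte count. The byte strings are constructed for this example; the only fact taken from the protocol is that extension type 10 is supported_groups.

```c
#include <stddef.h>
#include <stdint.h>

/* Added example, not ssldump's parser. A bounds-checked walk over a TLS
 * ClientHello extensions block, written so that a truncated record fails
 * closed instead of producing a negative "bytes available" count. All
 * byte strings below are constructed for the example. */

#define EXT_SUPPORTED_GROUPS 10

/* Read a big-endian uint16 only if two bytes remain. Because `remaining`
 * is size_t and is checked before the subtraction, it can never go
 * negative the way a signed length counter can. */
static int read_u16(const uint8_t **p, size_t *remaining, uint16_t *out)
{
    if (*remaining < 2)
        return -1;                      /* short read: refuse, don't subtract */
    *out = (uint16_t)(((*p)[0] << 8) | (*p)[1]);
    *p += 2;
    *remaining -= 2;
    return 0;
}

/* buf points at the 2-byte extensions length that follows the compression
 * methods in a ClientHello. Returns the number of entries in the
 * supported_groups extension, 0 if that extension is absent, and -1 on
 * any truncation or inconsistent length. */
int count_supported_groups(const uint8_t *buf, size_t len)
{
    const uint8_t *p = buf;
    size_t remaining = len;
    uint16_t ext_total;
    int groups = 0;

    if (read_u16(&p, &remaining, &ext_total) != 0 || ext_total > remaining)
        return -1;
    remaining = ext_total;              /* walk only the declared block */

    while (remaining > 0) {
        uint16_t type, elen;
        if (read_u16(&p, &remaining, &type) != 0 ||
            read_u16(&p, &remaining, &elen) != 0 ||
            elen > remaining)
            return -1;                  /* extension body exceeds what is left */

        if (type == EXT_SUPPORTED_GROUPS) {
            const uint8_t *q = p;
            size_t inner = elen;
            uint16_t list_len;
            if (read_u16(&q, &inner, &list_len) != 0 ||
                list_len != inner || (list_len & 1))
                return -1;              /* list length must fill the body exactly */
            groups = list_len / 2;      /* each NamedGroup is 2 bytes */
        }
        p += elen;
        remaining -= elen;
    }
    return groups;
}

/* Constructed well-formed block: an empty GREASE extension (0x0a0a), then
 * supported_groups listing x25519, secp256r1 and secp384r1. */
int demo_well_formed(void)
{
    static const uint8_t hello[] = {
        0x00, 0x10,                         /* extensions length = 16 */
        0x0a, 0x0a, 0x00, 0x00,             /* GREASE, empty */
        0x00, 0x0a, 0x00, 0x08,             /* supported_groups, 8 bytes */
        0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18
    };
    return count_supported_groups(hello, sizeof hello);   /* 3 */
}

/* Constructed truncated block: supported_groups claims 12 bytes but the
 * record ends after 8, the situation a "Short read" line reports. */
int demo_truncated(void)
{
    static const uint8_t hello[] = {
        0x00, 0x10,
        0x0a, 0x0a, 0x00, 0x00,
        0x00, 0x0a, 0x00, 0x0c,             /* says 12 bytes follow... */
        0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18   /* ...only 8 do */
    };
    return count_supported_groups(hello, sizeof hello);   /* -1 */
}
```

The point is the order of operations in read_u16 and in the loop: compare the declared length against what remains first, and only then subtract. A decoder that subtracts first and prints the counter afterwards is what produces a negative "bytes available" figure.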

@1div0
Contributor Author

1div0 commented Aug 5, 2024

So I can reliably crash ssldump by entering https://go-updater.brave.com/ in the browser address bar now, even on F40.

New TCP connection #115: Pascal(37648) <-> ec2-44-224-90-130.us-west-2.compute.amazonaws.com(443)
115 1 0.2162 (0.2162) C>S Handshake
ClientHello
Version 3.3
resume [32]=
35 8d ab 53 06 fb 5b 21 3f 4a 67 a6 23 4e d2 02
f3 4a 58 27 b0 e2 03 eb b3 7d 93 0a 97 3e 5e 61
cipher suites
GREASE 0xDADA
TLS_AES_128_GCM_SHA256
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
compression methods
NULL
extensions
ec_point_formats
ec point format uncompressed

compress_certificate
key_share
signature_algorithms
server_name
host_name: go-updater.brave.com
extended_master_secret
supported_versions
version: 122.122
version: 3.4
version: 3.3
signed_certificate_timestamp
application_layer_protocol_negotiation
psk_key_exchange_modes
renegotiation_info
supported_groups
supported group

Short read: -36940 bytes available (expecting 2)
115 2 0.4324 (0.2161) S>C Handshake
ServerHello
Version 3.3
session_id[32]=
35 8d ab 53 06 fb 5b 21 3f 4a 67 a6 23 4e d2 02
f3 4a 58 27 b0 e2 03 eb b3 7d 93 0a 97 3e 5e 61
cipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
compressionMethod NULL
extensions
ec_point_formats
renegotiation_info
application_layer_protocol_negotiation
extended_master_secret
*** buffer overflow detected ***: terminated

@1div0
Contributor Author

1div0 commented Aug 5, 2024

This time_t w/ stack dump.

New TCP connection #75: Pascal(47082) <-> ec2-35-165-224-233.us-west-2.compute.amazonaws.com(443)
75 1 0.2128 (0.2128) C>S Handshake
ClientHello
Version 3.3
resume [32]=
2c 72 d4 b0 da 0d 31 3f a7 5c 0c 97 d3 31 15 6c
a6 9c 2c b5 58 70 61 f1 84 ae c1 55 ef 98 b4 dd
cipher suites
GREASE 0xBABA
TLS_AES_128_GCM_SHA256
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
compression methods
NULL
extensions
signed_certificate_timestamp
ec_point_formats
ec point format uncompressed

extended_master_secret
signature_algorithms
status_request
session_ticket
supported_groups
supported group

Short read: -47728 bytes available (expecting 2)
75 2 0.4319 (0.2191) S>C Handshake
ServerHello
Version 3.3
session_id[32]=
2c 72 d4 b0 da 0d 31 3f a7 5c 0c 97 d3 31 15 6c
a6 9c 2c b5 58 70 61 f1 84 ae c1 55 ef 98 b4 dd
cipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
compressionMethod NULL
extensions
ec_point_formats
renegotiation_info
application_layer_protocol_negotiation
extended_master_secret
*** buffer overflow detected ***: terminated

Program received signal SIGABRT, Aborted.
__pthread_kill_implementation (threadid=, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44
44 return INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0;
(gdb) bt
#0 __pthread_kill_implementation (threadid=, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44
#1 0x00007ffff76a8513 in __pthread_kill_internal (threadid=, signo=6) at pthread_kill.c:78
#2 0x00007ffff764fc4e in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#3 0x00007ffff7637902 in __GI_abort () at abort.c:79
#4 0x00007ffff7638767 in __libc_message_impl (fmt=fmt@entry=0x7ffff77c216e "*** %s **: terminated\n") at ../sysdeps/posix/libc_fatal.c:132
#5 0x00007ffff7736769 in __GI___fortify_fail (msg=msg@entry=0x7ffff77c2155 "buffer overflow detected") at fortify_fail.c:24
#6 0x00007ffff7736104 in __GI___chk_fail () at chk_fail.c:28
#7 0x00007ffff77378f5 in ___snprintf_chk (s=, maxlen=, flag=, slen=, format=) at snprintf_chk.c:29
#8 0x00005555555648c9 in snprintf (__fmt=0x55555556ce47 "%s:%d", __n=129, _s=0x5555555f2ca0 "\217@\301\246\240\321\005.\354\355\345\353M\234\002$\325Q\fES_ϵ\301\361nc\311\001\247\=\253\030ތ\330\330l;\202\023\001") at /usr/include/bits/stdio2.h:54
#9 ssl_create_session_lookup_key.constprop.0 (ssl=ssl@entry=0x55555560f0f0, id=0x55555563a160 ",r\324\260\332\r1?\247\\f\227\3231\025l\246\234,\265Xpa\361\204\256\301U", <incomplete sequence \335>, idlen=idlen@entry=32,
keyp=keyp@entry=0x7fffffffc868, keyl=keyl@entry=0x7fffffffc860) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/ssl/ssldecode.c:547
#10 0x00005555555651e1 in ssl_restore_session (d=0x555555617820, ssl=0x55555560f0f0) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/ssl/ssldecode.c:567
#11 ssl_process_server_session_id (len=32, msg=0x555555613d9c ",r\324\260\332\r1?\247\\f\227\3231\025l\246\234,\265Xpa\361\204\256\301U\335\300+", d=0x555555617820, ssl=0x55555560f0f0) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/ssl/ssldecode.c:342
#12 decode_HandshakeType_ServerHello (ssl=0x55555560f0f0, dir=, seg=, data=) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/ssl/ssl.enums.c:464
#13 0x000055555555ec25 in ssl_decode_switch (ssl=ssl@entry=0x55555560f0f0, dtable=0x555555575990 <HandshakeType_decoder+48>, dtable@entry=0x555555575960 <HandshakeType_decoder>, value=value@entry=2, dir=dir@entry=2, seg=seg@entry=0x7fffffffcbf0,
data=data@entry=0x7fffffffc980) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/ssl/sslprint.c:230
#14 0x000055555555f17d in decode_ContentType_Handshake (ssl=0x55555560f0f0, dir=2, seg=0x7fffffffcbf0, data=0x7fffffffcac0) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/ssl/ssl.enums.c:120
#15 0x000055555555ec25 in ssl_decode_switch (ssl=ssl@entry=0x55555560f0f0, dtable=0x555555575d90 <ContentType_decoder+48>, dtable@entry=0x555555575d60 <ContentType_decoder>, value=value@entry=22, dir=dir@entry=2, seg=seg@entry=0x7fffffffcbf0,
data=data@entry=0x7fffffffcac0) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/ssl/sslprint.c:230
#16 0x0000555555562c31 in ssl_expand_record (len=105, data=0x555555613d70 "\026\003\003", direction=, q=, ssl=0x55555560f0f0) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/ssl/sslprint.c:312
#17 print_ssl_record (len=105, data=0x555555613d70 "\026\003\003", q=, direction=, obj=0x55555560f0f0) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/ssl/ssl_analyze.c:600
#18 data_ssl_analyzer (_obj=0x55555560f0f0, seg=, direction=) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/ssl/ssl_analyze.c:534
#19 0x00005555555682c4 in process_data_segment (handler=, direction=2, stream=0x5555555faea0, p=0x7fffffffcc10, conn=0x5555555fad50) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/base/tcppack.c:374
#20 process_tcp_packet (p=0x7fffffffcc10, ctx=0x5555555a43b0, handler=) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/base/tcppack.c:150
#21 process_tcp_packet (p=0x7fffffffcc10, ctx=0x5555555a43b0, handler=) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/base/tcppack.c:74
#22 network_process_packet.isra.0 (handler=, timestamp=, data=, length=, af=) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/base/network.c:203
#23 0x000055555555a10e in pcap_cb (ptr=, hdr=0x7fffffffce00, data=) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/redhat-linux-build/base/pcap-snoop.c:285
#24 0x00007ffff7e0ffe0 in pcap_handle_packet_mmap (handle=handle@entry=0x555555578d20, callback=callback@entry=0x55555555a090 <pcap_cb>, user=user@entry=0x555555579090 "\240_WUUU", frame=frame@entry=0x7ffff754e3b8 "8\001", tp_len=,
tp_mac=, tp_snaplen=222, tp_sec=1722858922, tp_usec=757006, tp_vlan_tci_valid=0, tp_vlan_tci=0, tp_vlan_tpid=33024) at ./pcap-linux.c:4076
#25 0x00007ffff7e105af in pcap_read_linux_mmap_v3 (handle=0x555555578d20, max_packets=, callback=0x55555555a090 <pcap_cb>, user=) at ./pcap-linux.c:4252
#26 0x00007ffff7e14676 in pcap_loop (p=0x555555578d20, cnt=cnt@entry=-1, callback=callback@entry=0x55555555a090 <pcap_cb>, user=user@entry=0x555555579090 "\240_WUUU") at ./pcap.c:2923
#27 0x00005555555598a9 in main (argc=, argv=) at /usr/src/debug/ssldump-1.8-2.fc40.x86_64/redhat-linux-build/base/pcap-snoop.c:513

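Frame #8 of the backtrace above shows ___snprintf_chk aborting on a "%s:%d" write whose bound (__n) is 129. glibc's FORTIFY wrapper fails exactly when the bound handed to snprintf is larger than the size the compiler knows the destination object to have, so the destination here was smaller than 129 bytes. The C below is an added example, not ssldump's ssl_create_session_lookup_key; it builds a lookup key of the shape implied by frame #9, session id bytes followed by host:port, and takes the snprintf bound from the space actually left after the binary prefix. The host name is the one in the capture and the id bytes are the session_id printed in this log; the buffer sizes and the exact layout of ssldump's own key are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not ssldump's code. Builds a session-cache lookup key
 * laid out as <session_id bytes><host>:<port>. The caller owns the buffer;
 * the snprintf bound is derived from what is left after the prefix, which
 * is the invariant FORTIFY_SOURCE enforces at run time. Inputs below are
 * taken from the log on this page; buffer sizes are constructed. */

/* Returns the key length (NUL not counted) or -1 if it does not fit. */
int build_session_key(uint8_t *out, size_t cap,
                      const uint8_t *id, size_t idlen,
                      const char *host, int port)
{
    if (idlen > cap)
        return -1;                              /* binary prefix alone overflows */
    memcpy(out, id, idlen);

    size_t left = cap - idlen;                  /* bound for the text part only */
    int n = snprintf((char *)out + idlen, left, "%s:%d", host, port);
    if (n < 0 || (size_t)n >= left)
        return -1;                              /* encoding error or truncated */
    return (int)(idlen + (size_t)n);
}

/* The bug class this guards against, shown for contrast and never called:
 * the write pointer is advanced past the prefix but the bound passed is
 * still the whole buffer size, so snprintf may write cap bytes where only
 * cap - idlen remain. Under FORTIFY_SOURCE, a bound larger than the known
 * object size is what triggers "*** buffer overflow detected ***". Whether
 * ssldump's code took exactly this shape is not shown on this page. */
int build_session_key_wrong_bound(uint8_t *out, size_t cap,
                                  const uint8_t *id, size_t idlen,
                                  const char *host, int port)
{
    memcpy(out, id, idlen);
    return snprintf((char *)out + idlen, cap, "%s:%d", host, port); /* bound too big */
}

/* session_id from the ServerHello in this log (connection #75). */
static const uint8_t demo_id[32] = {
    0x2c, 0x72, 0xd4, 0xb0, 0xda, 0x0d, 0x31, 0x3f,
    0xa7, 0x5c, 0x0c, 0x97, 0xd3, 0x31, 0x15, 0x6c,
    0xa6, 0x9c, 0x2c, 0xb5, 0x58, 0x70, 0x61, 0xf1,
    0x84, 0xae, 0xc1, 0x55, 0xef, 0x98, 0xb4, 0xdd
};

/* 32 id bytes + "go-updater.brave.com:443" (24 chars) = 56. */
int demo_fits(void)
{
    uint8_t key[128];                           /* constructed buffer size */
    return build_session_key(key, sizeof key, demo_id, sizeof demo_id,
                             "go-updater.brave.com", 443);
}

/* 1 if the text part lands right after the id bytes, 0 otherwise. */
int demo_text_part_ok(void)
{
    uint8_t key[128];
    int n = build_session_key(key, sizeof key, demo_id, sizeof demo_id,
                              "go-updater.brave.com", 443);
    return n == 56 && memcmp(key + 32, "go-updater.brave.com:443", 24) == 0;
}

/* Only 8 bytes remain after the id, so the key is refused, not overflowed. */
int demo_too_small(void)
{
    uint8_t key[40];                            /* constructed buffer size */
    return build_session_key(key, sizeof key, demo_id, sizeof demo_id,
                             "go-updater.brave.com", 443);
}

int main(void)
{
    printf("fits: %d, too small: %d\n", demo_fits(), demo_too_small());
    return 0;
}
```

Two details matter when reviewing code like this: the bound passed to snprintf must describe the bytes remaining at the pointer it is given, not the allocation the pointer was derived from, and the return value must be compared against that bound, since snprintf reports the length it wanted to write rather than what it wrote.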
@1div0
Contributor Author

1div0 commented Aug 5, 2024

case TLSV13_VERSION seems to be missing in action at

if((r = ssl_generate_keying_material(ssl, d)))

@adulau
Owner

adulau commented Nov 4, 2024

Thanks for the report. This should be fixed in https://github.com/adulau/ssldump/releases/tag/v1.9 - let us know if you have any issues.

@adulau adulau closed this as completed Nov 4, 2024