BLU Discuss list archive
[Discuss] Heartbleed and UDP
- Subject: [Discuss] Heartbleed and UDP
- From: tmetro+blu at gmail.com (Tom Metro)
- Date: Thu, 24 Apr 2014 14:13:41 -0400
- In-reply-to: <li6eh0mq2vz.fsf@panix5.panix.com>
- References: <20140423174046.GP3247@dragontoe.org> <53580798.6040309@gmail.com> <li6zjjbyi3c.fsf@panix5.panix.com> <535813B2.5030401@gmail.com> <li6fvl3ye8a.fsf@panix5.panix.com> <53582B40.80200@gmail.com> <li67g6fyc39.fsf@panix5.panix.com> <5358547E.1060508@gmail.com> <li6eh0mq2vz.fsf@panix5.panix.com>
Mike Small wrote:
> Reading beyond the ends of an array in C is
> undefined behaviour so unquestionably a bug.

Right. Lots of projects have created their own version of malloc or wrapped it, and that doesn't excuse them from coding buffer overruns. So this was definitely a bug.

> It may be dumb that the spec says the payload has to be variable or
> even that there's a heartbeat requirement at all for the TCP case...

I've been wondering about the latter point as well, and I haven't yet heard any explanations. (I also didn't get why the payload varied, but that's a minor point.)

For those not aware, the heartbeat feature was added to facilitate running TLS over UDP, where there is a need to exchange some data periodically to keep NAT port mappings active.

I don't know if anyone is actually using TLS over UDP. Your Apache or Nginx web server certainly isn't. Nor is your consumer router's web UI or your Android web browser. Perhaps there is a VoIP implementation that uses it?

Oh, OpenVPN uses UDP, and likely represents the single largest user of TLS over UDP. (See [1] for a script to test your OpenVPN server for vulnerability to Heartbleed over UDP.)

So had the heartbeat feature been limited to the protocol for which it was intended, the scope of affected applications would have been fairly small. Did it end up being available over TCP due to architectural limitations in OpenSSL? Or was this an oversight? (It sure seems likely that OpenSSL would have a layer of code that is UDP-specific, so my expectation is that the heartbeat code should have been implemented in that layer, and been out of reach to TCP connections.)

1. https://github.com/falstaff84/heartbleed_test_openvpn

-Tom

--
Tom Metro
The Perl Shop, Newton, MA, USA
"Predictable On-demand Perl Consulting."
http://www.theperlshop.com/
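The bounds check the thread describes as missing, as an added example in C that is not code from this thread or from OpenSSL; it assumes the RFC 6520 heartbeat wire layout (type, 16-bit payload length, payload, at least 16 bytes of padding) and uses constructed sample records rather than captured traffic.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST     1
#define HB_RESPONSE    2
#define HB_MIN_PADDING 16   /* RFC 6520: padding must be at least 16 bytes */

/* Validate a received heartbeat record and build the echo response.
 * Returns the response length, or -1 if the record must be discarded.
 * The decisive check is the comparison of the peer's claimed payload
 * length against rec_len, the number of bytes actually received; the
 * vulnerable code trusted the claimed length and copied past the record. */
int heartbeat_build_response(const uint8_t *rec, size_t rec_len,
                             uint8_t *resp, size_t resp_cap)
{
    if (rec_len < 3 || rec[0] != HB_REQUEST)   /* need type + length field */
        return -1;
    uint16_t payload_len = (uint16_t)((rec[1] << 8) | rec[2]);

    /* Silently discard if type + length + payload + minimum padding
     * would exceed the bytes that were really received. */
    if ((size_t)1 + 2 + payload_len + HB_MIN_PADDING > rec_len)
        return -1;

    size_t out_len = 1 + 2 + payload_len + HB_MIN_PADDING;
    if (out_len > resp_cap)
        return -1;

    resp[0] = HB_RESPONSE;
    resp[1] = rec[1];
    resp[2] = rec[2];
    memcpy(resp + 3, rec + 3, payload_len);         /* echo only received bytes */
    memset(resp + 3 + payload_len, 0, HB_MIN_PADDING); /* fresh padding, not peer data */
    return (int)out_len;
}

/* Constructed sample records: a well-formed 4-byte "ping" and one whose
 * length field (0xFFFF) claims far more payload than the 23 bytes sent. */
const uint8_t GOOD_REC[] = {1, 0x00, 0x04, 'p','i','n','g', 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
const uint8_t BAD_REC[]  = {1, 0xFF, 0xFF, 'p','i','n','g', 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};

/* Helper so the result can be checked without managing a response buffer. */
int demo(const uint8_t *rec, size_t rec_len)
{
    uint8_t resp[64];
    return heartbeat_build_response(rec, rec_len, resp, sizeof resp);
}

int main(void)
{
    printf("good record -> %d\n", demo(GOOD_REC, sizeof GOOD_REC)); /* 23 */
    printf("oversized length -> %d\n", demo(BAD_REC, sizeof BAD_REC)); /* -1 */
    return 0;
}
```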