24 lines
594 B
Markdown
24 lines
594 B
Markdown
|
# 南京环境:ssl decoder解析证书读越界
|
|||
|
|
|
|||
|
|
| ID | Creation Date | Assignee | Status |
|
|||
|
|
|----|----------------|----------|--------|
|
|||
|
|
| OMPUB-1214 | 2024-04-03T15:38:03.000+0800 | 刘学利 | 开放 |
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
现场:192.168.12.3
|
|||
|
|
|
|||
|
|
现象:ssl decoder在处理流结束时的乱序缓存包,调用openssl解析证书时出现读越界,同时计算ja3时可能存在写越界
|
|||
|
|
|
|||
|
|
分析:开启ASAN运行丢包较为严重,导致缺包的tcp会话增加
|
|||
|
|
|
|||
|
|
!image-2024-04-03-15-38-11-031.png|width=1640,height=1076!
|
|||
|
|
|
|||
|
|
## Attachments
|
|||
|
|
|
|||
|
|
**54481/image-2024-04-03-15-38-11-031.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|