lsds / TaLoS

Efficient TLS termination inside Intel SGX enclaves for existing applications

SSL session is leaked

jmp0x7c00 opened this issue · comments

The variable ssl_session_outside is a pointer that holds an untrusted address (outside the enclave):

+ ocall_malloc((void**)&ssl_session_outside, sizeof(*ssl_session_outside));
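Review bot: the pointer that ocall_malloc writes into ssl_session_outside is supplied by untrusted code, and this line shows neither a NULL check nor a check that the returned range of sizeof(*ssl_session_outside) bytes lies entirely outside the enclave. Validate it before any use (the SGX SDK provides sgx_is_outside_enclave for this) and fail the call if the check does not pass, so that a later write through the pointer cannot land in enclave memory.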

The enclave code copies the SSL session to the untrusted target buffer by memcpy, which results in privacy leakage:

+ memcpy(ssl_session_outside, ssl->session, sizeof(*ssl_session_outside));
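One way to avoid the leak described in this issue, as an added example that is not TaLoS code: export a redacted shadow copy that carries only non-secret fields, and refuse target buffers that are not fully outside the enclave. The `demo_session` layout, the simulated enclave range and all function names are hypothetical; real enclave code would use the SDK's boundary check instead of `demo_is_outside_enclave`.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for the session structure; field names are hypothetical. */
typedef struct {
    int           ssl_version;
    unsigned char session_id[32];
    size_t        session_id_length;
    unsigned char master_key[48];   /* secret: must never leave the enclave */
    size_t        master_key_length;
} demo_session;

/* Simulated enclave memory (assumption): everything else counts as untrusted. */
static demo_session enclave_sessions[2];

/* Returns 1 only if [p, p+len) lies entirely outside the simulated enclave. */
static int demo_is_outside_enclave(const void *p, size_t len)
{
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)enclave_sessions;
    uintptr_t hi = lo + sizeof(enclave_sessions);
    if (p == NULL || len > UINTPTR_MAX - a)
        return 0;
    return a + len <= lo || a >= hi;
}

/* Builds a constructed sample session inside the simulated enclave. */
demo_session *demo_inside_session(void)
{
    demo_session *s = &enclave_sessions[0];
    s->ssl_version = 0x0303;
    memcpy(s->session_id, "\x01\x02\x03\x04", 4);
    s->session_id_length = 4;
    memset(s->master_key, 0x5A, sizeof(s->master_key));
    s->master_key_length = sizeof(s->master_key);
    return s;
}

/* Copies non-secret fields only; master_key stays zeroed. 0 on success, -1 on a bad target. */
int export_session_shadow(demo_session *outside, const demo_session *inside)
{
    if (!demo_is_outside_enclave(outside, sizeof(*outside)))
        return -1;
    memset(outside, 0, sizeof(*outside));   /* also clears padding bytes */
    outside->ssl_version = inside->ssl_version;
    size_t n = inside->session_id_length;
    if (n > sizeof(outside->session_id)) n = sizeof(outside->session_id);
    memcpy(outside->session_id, inside->session_id, n);
    outside->session_id_length = n;
    return 0;
}
```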