the variable ssl_session_outside is a pointer that holds an untrusted address (outside enclave)
|
+ ocall_malloc((void**)&ssl_session_outside, sizeof(*ssl_session_outside)); |
the enclave code copies SSL session to the untrusted target buffer by memcpy, which results in privacy leakage.
|
+ memcpy(ssl_session_outside, ssl->session, sizeof(*ssl_session_outside)); |
the variable
ssl_session_outsideis a pointer that holds an untrusted address (outside enclave)TaLoS/src/talos/patch/ssl_lib.c.patch
Line 1187 in 052a93d
the enclave code copies SSL session to the untrusted target buffer by
memcpy, which results in privacy leakage.TaLoS/src/talos/patch/ssl_lib.c.patch
Line 1190 in 052a93d