Hi,
Here is the status summary of what was done regarding SSLDump during the Hackathon.
During the first day, I presented a general status of the project during the short talk session.
I tested a very simple patch that was proposed on GitHub around the definition of some internal structure; it appears to solve the behavior I observed with some of the so-called “crash files” I had already identified.
Regarding a talk I did at hack.lu last year, I noticed that SSLDump is also subject to printing control characters on the console, even with JSON output. I started working on a patch to filter (aka “neutralize”) such output.
The OpenSSL 3 integration patch has to be adjusted in order to detect which version of OpenSSL is available and possibly allow OpenSSL 1.x to be used. It is required in order to support older systems that might be difficult to upgrade.
Alex tried OpenAI Codex on the codebase. It identified two paths of improvement:
- The first one, which has been integrated in the codebase already, is about bounds checking at various places. Extensive past fuzzing never triggered anything related to these code paths, but those checks were missing nonetheless.
- The second one is about the section of code related to TCP stream reassembly. There is an elusive bug in this code path. Codex proposed to reorganize the code by following best practices found in contemporary open-source IDS such as Suricata. This patch has to be thoroughly understood and tested before integration.
Have a nice weekend,
Wil
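
The control-character filtering mentioned in the message, sketched as an added example; it is not part of the original message and is not the SSLDump patch. The function name `neutralize`, its parameters and the sample input are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not SSLDump code. Copies `in` to `out`, replacing every
 * byte a terminal could act on (C0 controls, DEL, and bytes >= 0x80, which
 * includes C1 controls such as 0x9b CSI) with a visible escape.
 *   json == 0: \xXX and \\ for plain console output
 *   json != 0: \u00XX, \" and \\ so the result is a valid JSON string body
 * Returns bytes written (excluding the NUL), or (size_t)-1 if `out` is too small. */
size_t neutralize(const unsigned char *in, size_t in_len,
                  char *out, size_t out_cap, int json)
{
    size_t o = 0;
    if (out_cap == 0)
        return (size_t)-1;
    for (size_t i = 0; i < in_len; i++) {
        unsigned char c = in[i];
        char buf[8];
        int n;
        if (c == '\\')
            n = snprintf(buf, sizeof buf, "\\\\");
        else if (json && c == '"')
            n = snprintf(buf, sizeof buf, "\\\"");
        else if (c >= 0x20 && c < 0x7f)
            n = snprintf(buf, sizeof buf, "%c", c);
        else
            n = snprintf(buf, sizeof buf, json ? "\\u%04x" : "\\x%02x", c);
        if (o + (size_t)n + 1 > out_cap)   /* keep room for the NUL */
            return (size_t)-1;
        memcpy(out + o, buf, (size_t)n);
        o += (size_t)n;
    }
    out[o] = '\0';
    return o;
}

int main(void)
{
    /* Constructed sample: a name field carrying an ESC [ 31 m colour sequence. */
    const unsigned char name[] = "example\x1b[31m.test";
    char out[128];
    if (neutralize(name, sizeof name - 1, out, sizeof out, 0) != (size_t)-1)
        printf("console: %s\n", out);
    if (neutralize(name, sizeof name - 1, out, sizeof out, 1) != (size_t)-1)
        printf("json:    \"%s\"\n", out);
    return 0;
}
```

Escaping the backslash itself keeps the output unambiguous, so a literal `\x1b` in the captured data cannot be confused with an escaped ESC byte.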