Entries by Niels Provos

PDF has become the de-facto standard for formatting print documents. Over the years, it has evolved into a feature rich and very complex system. PDF supports embedded Javascript that can be used for form validation and contains support for different image formats and 3D models, etc. As a result, PDF implementations have numerous vulnerabilities that can be exploit by adversaries to gain control over a user’s computer. Here are a number of CVEs that are currently being exploited in the wild: CVE-2007-5659, CVE-2008-2992, CVE-2009-0927, CVE-2009-2994, CVE-2009-4324, CVE-2010-0188.

In this blog post, we are going to look at current exploitation of CVE-2010-0188: An integer overflow in the parsing of the dot range option in TIFF files. The vulnerability was publicly announced in February 2010. Examples of exploit code are readily available on the Internet and a very good explanation of how the exploit works has been provided by Fortinet.

The exploit described by Fortinet utilizes an AcroForm described in XML. The XML contains an image field with an embedded TIFF image that triggers the vulnerability.

Heat treating a sword using a water quench is a tense affair as the sword my crack and many hours of work may be lost. This video shows heat treating a wakizashi I made from forge welded cable that was folded several times. The Japanese differential heat treat calls for coating the back of the blade with a clay layer that retards the quench and allows the covered part of the steel to remain softer. The border between harder and softer steel becomes visible as hamon. Although, the heat treating was successful, the blade developed a welding flaw and at this point it looks like 20 hours of work might have been lost.

When examining a traditionally forged Japanese sword, the steel structure (hada) often looks like wood grain. This structure is a result of folding and forge welding tamahagane. To simulate such hada without using expensive tamahagane, I took 24in of 1in diameter steel cable and forge welded it into a single piece of steel. That steel was then folded 7 times with some surface manipulation and then forged into a small wakizashi. The picture shows the tang after the scale was removed, polished and then lightly etched to show the grain. The steel structure seems similar to mokume hada. Now, I just need to find the time to shape, heat treat, polish and mount the sword. Expect progress pictures as work permits - probably in a few months.

The is a knife made from a high carbon railroad spike. The blade is flat ground and about 4.5in long. The whole knife is a little bit longer than 10in. The twist in the handle feels nice in the hand. HC in this case apparently means 1030 which is pretty low carbon content for a knife. While it got to be very sharp, the edge is probably not going to stay that way for very long.

Forging this was a lot of fun and using the spring fuller really helped with separating the steel from the handle and the blade. Making this knife actually didn't take very long. About an hour of forging time, a couple hours of grinding and polishing.

Libevent 2.0.4-alpha is now available for download:

http://monkey.org/~provos/libevent-2.0.4-alpha.tar.gz
http://monkey.org/~provos/libevent-2.0.4-alpha.tar.gz.sig

The complete change list is available here.

Some of the feature improvements include:

• bufferevents can now be rate limited
• http connections can now resolve host names asynchronously
• a facility for lock debugging
• arc4random() for evdns

However, we (that means mostly Nick) have also made a large number of bug fixes and stability improvements across many platforms. Many thanks to everyone who helped by providing bug reports and patches including Brodie Thiesfield, Dagobert Michelsen, Evan Jones, Joachim Bauch, Pavel Plesov, Roman Puls, Sebastian Hahn, William Ahern, Yasuoka Masahiko and Zhuang Yuyao.

In a separate email, Nick also provided a much more verbose description of what all changed.

Although, I have made various attempts at forging knives, this tanto is the first knife I have completed. It's a shinogi-zukuri tanto with choji hamon. The steel was made from forge-welded high carbon cable. Originally, this was supposed to become a wakizashi, but due to a bad hammer blow when forging the sunobe, I had to fold it over and no longer had enough steel for a longer blade. As a result, the blade is only about 9in long. The habaki was made from brazed copper and the shira-saya was carved from a popular blank.

The picture to the left shows two more cable tantos in various stages of progress. The top one had some rough grinding done to it whereas the bottom one is straight from the forge. Only about 10% of the time is actually spent forging the blades. The rest of time is spent grinding, polishing and working on the habaki as well as on the saya and everything else.

Tom Pusateri reported success with using OpenSSL client certificates and libevent's builtin OpenSSL support. Here is what he wrote on the mailing list:

I tried 2.0.3 alpha against the Apple Push notification feedback service which requires a client key/certificate and it works great.

One hint... Make sure you add the key and cert to the SSL context before calling SSL_new(). Otherwise, you'll get an error that looks like:

sslv3 alert handshake failure in SSL routines SSL3_READ_BYTES

Here's the working code:

static void
init_feedback_service(struct event_base *ev_base,
    struct evdns_base *dns)
{
   int rc;
   struct bufferevent *bev;
   SSL_CTX *ssl_ctx;
   SSL *ssl;

   ssl_ctx = SSL_CTX_new(SSLv3_method());

   rc = SSL_CTX_use_certificate_file(ssl_ctx, "my_apple_cert_key.pem",
       SSL_FILETYPE_PEM);
   if (rc != 1) {
       errx(EXIT_FAILURE, "Could not load certificate file");
   }
   rc = SSL_CTX_use_PrivateKey_file(ssl_ctx, "my_apple_cert_key.pem",
       SSL_FILETYPE_PEM);
   if (rc != 1) {
       errx(EXIT_FAILURE, "Could not load private key file");
   }

   ssl = SSL_new(ssl_ctx);
   bev = bufferevent_openssl_socket_new(ev_base, -1, ssl,
       BUFFEREVENT_SSL_CONNECTING, BEV_OPT_CLOSE_ON_FREE);
   bufferevent_setcb(bev, feedback_read_cb, NULL,
       feedback_event_cb, NULL);
   rc = bufferevent_socket_connect_hostname(bev, dns, AF_INET,
       "feedback.sandbox.push.apple.com", 2196);
   if (rc < 0) {
       warnx("could not connect to feedback service: %s",
             evutil_socket_error_to_string(EVUTIL_SOCKET_ERROR()));
       bufferevent_free(bev);
       return;
   }
   bufferevent_enable(bev, EV_READ);
}

It has been a while since the last alpha release of libevent-2.0. Yesterday, we released 2.0.3-alpha which can be downloaded from

http://monkey.org/~provos/libevent-2.0.3-alpha.tar.gz

Please, give it a spin and let us know if you run into any problems. There have been a lot of changes since the last release, mostly due to Nick's hard work. Here are just some highlights, the ChangeLog contains the full story:

- SSL/TLS support on bufferevents, using the OpenSSL library
- Improved searching on evbuffer objects
- Improved support for Windows
- More efficient memory allocation for event_bases that use epoll
- Improved thread-safety
- The IOCP bufferevent backend is now exposed on Windows; many thanks to Christopher Davis for his work.

Many thanks to everyone who helped with patches and bug reports including Rocco Carbone, Brodie Thiesfield, Caitlin Mercer, David Reiss, Alexander Pronchenkov, Jacek Masiulaniec, Ka-Hing Cheung, Christopher Davis, Ferenc Szalai, and Ryan Phillips.

Edited to fix the link.

We just released a new stable version of Libevent that fixes the following problems:

• If the kernel tells us that there are a negative number of bytes to read from a socket, do not believe it. Fixes bug 2841177; found by Alexander Pronchenkov.
• Do not allocate the maximum event queue and fd array for the epoll backend at startup. Instead, start out accepting 32 events at a time, and double the queue's size when it seems that the OS is generating events faster than we're requesting them. Saves up to 512K per epoll-based event_base. Resolves bug 2839240.
• Fix compilation on Android, which forgot to define fd_mask in its sys/select.h
• Do not drop data from evbuffer when out of memory; reported by Jacek Masiulaniec
• Rename our replacement compat/sys/_time.h header to avoid build a conflict on HPUX; reported by Kathryn Hogg.
• Build kqueue.c correctly on GNU/kFreeBSD platforms. Patch pulled upstream from Debian.
• Fix a problem with excessive memory allocation when using multiple event priorities.
• When running set[ug]id, don't check the environment. Based on a patch from OpenBSD.

A new alpha release of libevent 2.0 is on its way, too. Thanks to everyone who submitted patches and bug reports.

The source code is available at http://www.monkey.org/~provos/libevent-1.4.13-stable.tar.gz. Don't forget to verify the signature.

A while ago, I forged a San Mai billet with the hope to turn it into a tanto. Unfortunately, the forge I was using had a very oxygen rich atmosphere and the welds did not take very well. Over the last couple of days, I spent some time grinding and heat treating the remaining steel into a knife for practice purposes. The cable structure of the knife came out very nicely with repeated applications of lemon juice and metal polish to remove the oxides left by the lemon juice etch.

I also figured out how to take decent pictures of the steel. The trick was to use direct light rather than diffused light that shines directly on the blade, and then have black surfaces inside the light box. The angle of the knife needs to be so that the black is reflected do the camera. Although, this is a failed knife due to all the welding flaws, it still was an interesting experiment.

I just finished taking the 5-day basic forging class taught by Michael Bell at Dragonfly Forge. The wakizashi in the picture is the result of it. The blade is about 18in long and was forged from forge-welded cable. The forge welding of the cable conducted by Michael and his son Gabriel took the better half of the first day. Afterward, the steel was forged into a sunobe which has the basic taper for the tang and point of the sword. We then forged in the ji and the shinogi ji. The remainder of the time was spent grinding in preparation for heat treatment. Before the clay was applied, we draw filed the blade so that all file marks were parallel with the edge rather than the perpendicular marks left by the belt grinder. Applying the clay was a three step process; a light coating of the whole blade, applying the ashi lines, and then coating everything that should remain soft. You can see the ashi and where the clay was applied on the middle picture. After heat treating, the blade took on a nice curve and it was back to the grinder. During the last day there was a little bit of time to polish on stones which showed hints of some very wild hamon as well as some mune yaki. The whole class was a great experience.

The call for papers for the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET '10) Botnets, Spyware, Worms, and More just went out. It will be held on April 27, 2010 in San Jose, CA.

LEET '10 will be co-located with the 7th USENIX Symposium on Networked Systems Design and Implementation (NSDI '10), which will take place April 28–30, 2010.

Important Dates

• Submissions due: Thursday, February 25, 2010, 11:59 p.m. PST
• Notification of acceptance: Wednesday, March 24, 2010
• Final papers due: Monday, April 5, 2010

Workshop Organizers
Program Chair

• Michael Bailey, University of Michigan

Program Committee

• Dan Boneh, Stanford University
• Nick Feamster, Georgia Institute of Technology
• Jaeyeon Jung, Intel Labs, Seattle
• Christian Kreibich, International Computer Science Institute
• Patrick McDaniel, Pennsylvania State University
• Fabian Monrose, University of North Carolina, Chapel Hill
• Jose Nazario, Arbor Networks, Inc.
• Stefan Savage, University of California, San Diego
• Matt Williamson, AVG Technologies
• Yinglian Xie, Microsoft Research
• Vinod Yegneswaran, SRI International

Go submit your work!

Google's Anti-Malware team has prepared a moderator page where web masters and users can ask questions and vote which questions they would like to see answered. The voting period ends on Friday, August 28th at which point the Anti-Malware team will prepare answers for some of the top-rated questions.

Nick just announced two new libevent releases. Here is his summary.

Libevent 1.4.12-stable:
You can find the source in the usual place:

http://monkey.org/~provos/libevent-1.4.12-stable.tar.gz

This is a bugfix-only release, and some of the bugs were kind of nasty. I'd recommend that you upgrade, especially if you are writing code that uses epoll or evdns.

Changes in 1.4.12-stable:

• Try to contain degree of failure when running on a win32 version so heavily firewalled that we can't fake a socketpair.
• Fix an obscure timing-dependent, allocator-dependent crash in the evdns code.
• Use _VA_ARGS_ syntax for varargs macros in event_rpcgen when compiler is not GCC.
• Activate fd events in a pseudorandom order with O(N) backends, so that we don't systematically favor low fds (select) or earlier-added fds (poll, win32).
• Fix another pair of fencepost bugs in epoll.c. [Patch from Adam Langley.]
• Do not break evdns connections to nameservers when our IP changes.
• Set truncated flag correctly in evdns server replies.
• Disable strict aliasing with GCC: our code is not compliant with it.

Libevent-2.0.2-alpha:
The first alpha release in the long-promised Libevent 2.0 series is finally out. You can download Libevent 2.0.2-alpha from:

http://monkey.org/~provos/libevent-2.0.2-alpha.tar.gz

This is an alpha release. Libevent 2.0 is not finished. There will be bugs, and we make no promises about the stability of any APIs introduced in the 2.0.x-alpha releases. When you find bugs, please let us know.

Libevent 2.0 is intended to be backward compatible with the Libevent 1.4 APIs[*]. Any program that worked with Libevent 1.4 should still work with Libevent 2.0, unless we screwed up. Please test your programs when you have a chance, so that if we did screw up, we can notice soon.
[*] Unless you were messing around with the internals of internal structures.

This release adds many new features to the previous alpha release, and fixes many bugs. See the ChangeLog for full details. Highlights include:

• evdns is now threadsafe, with locking support
• There's an evconnlistener type that you can use to abstract cross-platform differences in accepting connections.
• The evbuffer interface (and therefore bufferevents) now supports zero-copy much better.
• About a zillion fixes for tricky bugs in the new Libevent 2.0.1-alpha code.

Special thanks to everybody who helped find bugs and improve the code, especially James Mansion, Zack Weinberg, and Joachim Bauch.

Yesterday, I managed to practice Aikido in Hamburg for the first time in almost twelve years. The dojo at Charlottenstraße was beautiful with windows to the outside and plenty of light. The training was interesting and very enjoyable. I even managed to practice with a few folks from university times. Next week, it's back to the US and Aikido practice in Mountain View.