Bug ID 610429: X509::cert_fields iRule command may leak memory with subpubkey argument

Last Modified: Apr 10, 2019

Affected Product:
BIG-IP LTM (all modules)

Known Affected Versions:
11.2.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2

Fixed In:
13.0.0, 12.1.2 HF1, 11.6.1 HF2, 11.5.4 HF3

Opened: Aug 11, 2016
Severity: 3-Major

Symptoms

The X509::cert_fields iRule command can leak memory in the 'method' memory subsystem if called with the 'subpubkey' argument, when the 'subpubkey' argument is not the last argument.

Impact

Memory will leak, eventually impacting the operation of tmm.

Conditions

Create an iRule using X509::cert_fields where the subpubkey is not the last argument. Example/signature to look for:

    ltm rule rule_leak {
        when HTTP_REQUEST {
            if { [SSL::cert 0] ne "" } {
                HTTP::respond 200 content "[X509::cert_fields [SSL::cert 0] 0 subpubkey hash]\n"
            } else {
                HTTP::respond 200 content "no client cert (WRONG!)"
            }
        }
    }

Workaround

Ensure that 'subpubkey' is the last argument to X509::cert_fields.
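
To find rules that match the signature above before upgrading, a configuration export can be scanned for X509::cert_fields calls in which subpubkey is followed by another argument. The script below is an added example, not F5 code; the sample configuration is constructed from the rule in this report, and the scanner assumes each call sits on one line and does not skip commented-out iRule lines.

```python
import re

CMD = "X509::cert_fields"

# Constructed sample config: the rule from this bug report plus a reordered variant.
SAMPLE = r'''ltm rule rule_leak {
    when HTTP_REQUEST {
        HTTP::respond 200 content "[X509::cert_fields [SSL::cert 0] 0 subpubkey hash]\n"
    }
}
ltm rule rule_ok {
    when HTTP_REQUEST {
        HTTP::respond 200 content "[X509::cert_fields [SSL::cert 0] 0 hash subpubkey]\n"
    }
}
'''

def calls(text):
    """Yield (line_no, top-level argument words) for each X509::cert_fields call."""
    for m in re.finditer(re.escape(CMD) + r"(?=\s)", text):
        words, cur, depth = [], "", 0
        for ch in text[m.end():]:
            if depth == 0 and ch in "];\n":      # end of this command
                break
            depth += (ch == "[") - (ch == "]")   # track nested [..] substitutions
            if ch.isspace() and depth == 0:      # word boundary outside [..]
                if cur:
                    words.append(cur)
                cur = ""
            else:
                cur += ch
        if cur:
            words.append(cur)
        yield text.count("\n", 0, m.start()) + 1, words

def leaky_calls(text):
    """Line numbers where subpubkey is passed but is not the last argument."""
    return [ln for ln, args in calls(text)
            if "subpubkey" in args and args[-1] != "subpubkey"]

if __name__ == "__main__":
    for ln in leaky_calls(SAMPLE):
        print(f"line {ln}: subpubkey is not the last argument to {CMD}")
```
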

Fix Information

None

Behavior Change