Bug ID 610429: X509::cert_fields iRule command may leak memory with subpubkey argument

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM (all modules)

Known Affected Versions:
11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.5.3 HF1, 11.5.3 HF2, 11.5.4 HF1, 11.5.4 HF2, 11.2.1, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2

Fixed In:
13.0.0, 12.1.2 HF1, 11.6.1 HF2, 11.5.4 HF3

Opened: Aug 11, 2016

Severity: 3-Major

Symptoms

The X509::cert_fields iRule command can leak memory in the 'method' memory subsystem if called with the 'subpubkey' argument, when the 'subpubkey' argument is not the last argument.

Impact

Memory will leak, eventually impacting the operation of tmm.

Conditions

Create an iRule using X509::cert_fields where the subpubkey is not the last argument. Example/signature to look for:

    ltm rule rule_leak {
        when HTTP_REQUEST {
            if { [SSL::cert 0] ne "" } {
                HTTP::respond 200 content "[X509::cert_fields [SSL::cert 0] 0 subpubkey hash]\n"
            } else {
                HTTP::respond 200 content "no client cert (WRONG!)"
            }
        }
    }

Workaround

Ensure that 'subpubkey' is the last argument to X509::cert_fields.
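To audit an exported configuration for the signature above, the following added example (not F5 code) flags X509::cert_fields calls where 'subpubkey' appears before the last argument. The function names and the sample configuration are constructed for illustration, and the argument layout is assumed from the example in Conditions.

```python
import re

def _words(src, start):
    """Top-level Tcl words of the command at `start`, up to its closing ']' or line end."""
    words, cur, depth = [], "", 0
    for ch in src[start:]:
        if depth == 0 and ch in "]};\n":
            break                      # end of the X509::cert_fields command
        if ch in "[{":
            depth += 1                 # entering a nested [command] or {group}
        elif ch in "]}":
            depth -= 1
        if ch.isspace() and depth == 0:
            if cur:
                words.append(cur)
            cur = ""
        else:
            cur += ch
    return words + ([cur] if cur else [])

def find_leaky_calls(config_text):
    """Return (line_no, command) for each call where subpubkey is not the last argument."""
    hits = []
    for m in re.finditer(r"X509::cert_fields", config_text):
        line_start = config_text.rfind("\n", 0, m.start()) + 1
        if config_text[line_start:m.start()].lstrip().startswith("#"):
            continue                   # commented-out iRule line
        words = _words(config_text, m.start())
        if "subpubkey" in words[1:-1]: # present, but not in the final position
            hits.append((config_text.count("\n", 0, m.start()) + 1, " ".join(words)))
    return hits

# Constructed sample: the leaking call from Conditions plus a rule using the workaround.
SAMPLE_CONFIG = r'''ltm rule rule_leak {
    when HTTP_REQUEST {
        HTTP::respond 200 content "[X509::cert_fields [SSL::cert 0] 0 subpubkey hash]\n"
    }
}
ltm rule rule_ok {
    when HTTP_REQUEST {
        HTTP::respond 200 content "[X509::cert_fields [SSL::cert 0] 0 hash subpubkey]\n"
    }
}
'''

if __name__ == "__main__":
    for line_no, cmd in find_leaky_calls(SAMPLE_CONFIG):
        print(f"line {line_no}: subpubkey is not the last argument: {cmd}")
```

Run it against the text of a saved configuration file; only calls spelled with the literal word subpubkey are detected, so field lists built from variables need manual review.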

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips