goto fail;


Having made my share of stupid programming errors, it is good to see that the professionals make them too. Apple's serious goto fail security flaw was due to just one extra line of code in C, an extra (goto fail;) line.

This mistake would have been discovered automatically if they had used Python, due to an indentation error.

    OSStatus err;

        if ((err = ReadyHash(&SSLHashSHA1, &hashCtx)) != 0)
            goto fail;
        if ((err = SSLHashSHA1.update(&hashCtx, &clientRandom)) != 0)
            goto fail;
        if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
            goto fail;
        if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
            goto fail;
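            goto fail;  /* the extra line: not part of the if, so it always runs and the final step below is skipped while err is still 0 */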
        if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
            goto fail;
    fail:
        return err;
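
To see the effect in isolation, here is an added example (not Apple's code and not from the original post) that keeps the control flow of the excerpt and puts a braced version beside it. `hash_step` and `final_step` are constructed stand-ins for the hash calls, and `final_step` can be told to fail.

```c
#include <stdio.h>

/* Constructed stand-in for the ReadyHash/update calls: always succeeds. */
static int hash_step(void) { return 0; }

/* Constructed stand-in for the last call in the excerpt; returns the
 * status the caller passes in, so a failure can be simulated. */
static int final_step(int status) { return status; }

/* Same control flow as the excerpt: the second goto is outside the if. */
int check_flawed(int final_status) {
    int err;
    if ((err = hash_step()) != 0)
        goto fail;
    if ((err = hash_step()) != 0)
        goto fail;
        goto fail;  /* always taken; err is 0 here */
    if ((err = final_step(final_status)) != 0)
        goto fail;
fail:
    return err;
}

/* Same duplicated line, but every if body is braced. */
int check_braced(int final_status) {
    int err;
    if ((err = hash_step()) != 0) {
        goto fail;
    }
    if ((err = hash_step()) != 0) {
        goto fail;
        goto fail;  /* duplicate stays inside the block: dead but harmless */
    }
    if ((err = final_step(final_status)) != 0) {
        goto fail;
    }
fail:
    return err;
}

int main(void) {
    printf("flawed, final step fails: %d\n", check_flawed(-1));
    printf("braced, final step fails: %d\n", check_braced(-1));
    return 0;
}
```

The flawed function reports success (0) even when the final step fails, while the braced one returns the failure. GCC's `-Wmisleading-indentation` (enabled by `-Wall`) and Clang's `-Wunreachable-code` both flag the flawed function.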


Good non-technical discussion of the problem here.
