So the heartbeat bug can lead to a memory read overrun, exposing (parts of) the process memory, because it reads the payload when there actually is no (or less) payload.

But what do you need a payload for, especially in a heartbeat?

It looks like it's just memcpy'd into the response. How is it used, exactly?

Edit:
Similar question, very interesting answer: Why does the client supply the length of the message at all?

Edit in response to TildalWave's comment:

  • This question is not a duplicate of 55116. I'm asking what the payload is used for. The other question is asking how the exploit works in general ("How exactly does the OpenSSL TLS heartbeat (Heartbleed) exploit work?") and does not even contain the word "payload".

  • Clarification - it seems my question is a little unclear.

    1. A heartbeat is usually used to check if the other system is still there, which is basically a yes/no question - so why is there a huge 64 KB sized payload at all (Mark has already mentioned sequence numbers though)?
    2. The server does not care about the contents of the payload, it simply copies it into the response (expecting the client to provide the payload length instead of checking it, at least before the heartbleed fix), right?
    3. What kind of data would a client put in the payload? A number? A word? A random string? If possible, please provide a link to a source file (preferably C) together with the relevant lines of code.
    4. Can someone provide an example of a use case that requires the payload to be longer than, say, 8 bytes? Why would using an 8-byte hex sequence number be a bad idea?
basic6
  • https://tools.ietf.org/html/rfc6520#section-4 – basic6 Apr 11 '14 at 08:19
  • AviD I'm not exactly sure how this is a duplicate of question http://security.stackexchange.com/q/55116/40281. I'm asking what the payload is used for. The other question is asking how the exploit works in general and does not even contain the word "payload". – basic6 Apr 11 '14 at 10:02
  • AviD. This is not a duplicate of question 55116. This question asks what the security implications would be of replying "ping" (fixed reply) to a heartbeat request (which might be a fixed "ping" string, or might be arbitrary if that helps to obfuscate the traffic). WHY was the design of an arbitrary payload chosen? (A request packet of up to 64 KB that then needs to be copied and returned verbatim... what's the point? WHY?) – Valters Vingolds Apr 11 '14 at 13:57
  • I'd agree it's not a duplicate of the one marked, but I'm reluctant to vote to reopen as I find it rather unclear. The Heartbleed payload is an unfortunate consequence of buggy heartbeat code, not a _feature_, and I think the wording of this question is rather confusing. Would you please edit to clarify what you're asking and also how it's not a duplicate of the other one you're linking to? Cheers! – TildalWave Apr 14 '14 at 12:53
  • TildalWave, I have edited the post and added a few aspects of the question. I hope this makes things a little clearer. Number 3 is actually what made me ask the question in the first place, as I'd like to see a program (source code) use the payload rather than just read about possible use cases. – basic6 Apr 14 '14 at 15:27

1 Answer

The TLS "heartbeat" feature is intended for TLS over UDP or other connectionless protocols. "Heartbeat" packets are a way of asking the server "are you still there?", but with a connectionless protocol, there's no guarantee that packets won't be dropped or delivered out of order. The arbitrary-sized "payload" field permits a great deal of flexibility for telling one heartbeat packet from another.

The problem is that this flexibility is overkill for almost all uses: a simple sequence number or other fixed-size field would work just as well.

Mark
  • Sounds like the payload is almost better suited for attacks than for a heartbeat... I'd really like to see an application use this payload (like you describe). Would you have a GitHub link or maybe another hint (name of a source file in some project)? – basic6 Apr 10 '14 at 10:03
  • In other words: An example of an application using the payload for something other than a sequence number (which could probably be a fixed length integer as well) would be highly appreciated. It probably has a good reason, I just can't come up with an example. – basic6 Apr 10 '14 at 13:49
  • Ironically, this is probably a good StackExchange to ask the question and discover why a "simple sequence number" is a _bad_ idea for response verification over connectionless transports and does _not_ "work just as well". – JdeBP Apr 10 '14 at 18:06
  • JdeBP - that (why sequence number a bad idea) would be very interesting. I'm not sure if I should post this as a follow-up question, since Mark has already answered my initial question. However, I would not count such an explanation as off-topic, I think it would still be within the scope of the question. – basic6 Apr 11 '14 at 10:07
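To make the answer concrete, here is an added example (not OpenSSL's code and not from any poster above) of both sides of an RFC 6520 heartbeat: a client that puts a caller-chosen nonce in the payload so it can match the echoed response on a lossy transport, and a server that echoes the payload only after checking the claimed length against the bytes actually received, which is the check whose absence caused Heartbleed. The function names and the zero-filled padding are my own choices.

```c
#include <stddef.h>
#include <string.h>
/* Added example, not OpenSSL's code. An RFC 6520 heartbeat message is
 * type(1) | payload_length(2) | payload | padding(>=16). The server echoes the
 * payload; the bug was trusting payload_length without checking it. */
#define HB_REQUEST     1
#define HB_RESPONSE    2
#define HB_MIN_PADDING 16

/* Server: answer the request in rec[0..rec_len). Returns the response length
 * written to out, or -1 if the claimed payload does not fit in the record. */
int hb_respond(const unsigned char *rec, size_t rec_len,
               unsigned char *out, size_t out_cap) {
    size_t plen, rlen;
    if (rec_len < 3 || rec[0] != HB_REQUEST) return -1;
    plen = ((size_t)rec[1] << 8) | rec[2];
    /* The bounds check the Heartbleed fix added: never read past the record. */
    if (3 + plen + HB_MIN_PADDING > rec_len) return -1;
    rlen = 3 + plen + HB_MIN_PADDING;
    if (rlen > out_cap) return -1;
    out[0] = HB_RESPONSE;
    out[1] = (unsigned char)(plen >> 8);
    out[2] = (unsigned char)(plen & 0xff);
    memcpy(out + 3, rec + 3, plen);              /* echo payload verbatim */
    memset(out + 3 + plen, 0, HB_MIN_PADDING);   /* padding bytes are ignored */
    return (int)rlen;
}

/* Client: one use of the payload, a caller-chosen nonce so the response can be
 * matched to this request on a transport that drops or reorders packets. */
size_t hb_build_request(const unsigned char *nonce, size_t nlen,
                        unsigned char *out, size_t out_cap) {
    size_t len = 3 + nlen + HB_MIN_PADDING;
    if (nlen > 0xffff || len > out_cap) return 0;
    out[0] = HB_REQUEST;
    out[1] = (unsigned char)(nlen >> 8);
    out[2] = (unsigned char)(nlen & 0xff);
    memcpy(out + 3, nonce, nlen);
    memset(out + 3 + nlen, 0, HB_MIN_PADDING);
    return len;
}

/* Client: 1 if resp is a well-formed response carrying exactly our nonce. */
int hb_response_matches(const unsigned char *resp, size_t resp_len,
                        const unsigned char *nonce, size_t nlen) {
    if (resp_len < 3 + nlen + HB_MIN_PADDING || resp[0] != HB_RESPONSE) return 0;
    return (((size_t)resp[1] << 8) | resp[2]) == nlen &&
           memcmp(resp + 3, nonce, nlen) == 0;
}
```

With the length check in place, a request that claims a 64 KB payload inside a 27-byte record is rejected instead of being answered with whatever follows the record in memory.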