back to article F5's Big-IP leaks little chunks of memory, even SSL session IDs

There's a new branded bug in town, but thankfully it only hurts kit made by F5 Networks. “Ticketbleed” (so named for a similarity to the notorious 2014 Heartbleed) is specific to F5's Big-IP appliances and can strike when virtual servers running on those boxes are configured with a Client SSL profile that has the non-default …

  1. John Smith 19 Gold badge
    WTF?

    "31 bytes of uninitialised memory.” So

    Someone can't read an interface specification properly

    Someone can't implement an interface specification properly

    It was too much of a performance hit to zero the right size block of memory.

    Shouldn't most interfaces be implemented as state machines with the baseline code written by a tool and that code rarely needs tweaking?

    1. Anonymous Coward
      FAIL

      Re: "31 bytes of uninitialised memory.” So

      > Someone can't read an interface specification properly

      > Someone can't implement an interface specification properly

      Someone didn't test the interface implementation properly.

      > Shouldn't most interfaces be implemented as state machines with the baseline code written by a tool and that code rarely needs tweaking?

      Yes!

  2. John Smith 19 Gold badge
    Unhappy

    "Someone didn't test the interface implementation properly."

    Good point, but I missed it.

    Which could be said of the person who wrote this code as well.

    FSM's are more of an EE thing but Statecharts (which can incorporate sub FSM's as part of themselves) are part of UML and tools to generate code from them certainly exist.

    I imagine you could create a protocol so complex that even HFSM's could not cope with it but doing so would probably have to be a design goal, rather than an unfortunate side effect of such a protocol. The protocol equivalent of the whitespace language.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021