SSLDoc: Automatically diagnosing incorrect SSL API usages in C programs

Abstract

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols provide a reliable communication channel between applications over the Internet. Implementations of these protocols (e.g., OpenSSL and GnuTLS) publish well-formatted documentation and examples online to guide the usage of SSL/TLS APIs. However, incorrect usages have caused many severe vulnerabilities (e.g., privilege escalation, denial of service, and man-in-the-middle attacks) in recent years. In this paper, we introduce SSLDoc to diagnose incorrect SSL API usages in real-world C programs automatically. The key insight behind SSLDoc is a constraint-directed static analysis technique powered by domain-specific usage patterns that we learn from real-world vulnerabilities and bug-fix-related patches. We have instantiated SSLDoc for OpenSSL APIs and applied it to large-scale open-source programs. SSLDoc found 45 previously unknown security-sensitive bugs in the OpenSSL implementation and in applications in Ubuntu. We created and submitted issues for all of them. Up to now, 35 have been confirmed by the corresponding development communities and 27 have been fixed in the master branch.

Cite

Gu, Z., Wu, J., Li, C., Zhou, M., & Gu, M. (2019). SSLDoc: Automatically diagnosing incorrect SSL API usages in C programs. In Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE (Vol. 2019-July, pp. 707–712). Knowledge Systems Institute Graduate School. https://doi.org/10.18293/SEKE2019-006
