• CVE-2021-33912 and CVE-2021-33913: Heap overflows in email validation library LibSPF2

    Abstract: Two bugs related to the parsing of SPF (Sender Policy Framework) records have been found in LibSPF2, a library commonly used to determine the validity of email received by a server. One of these bugs allows for relatively flexible memory corruption in the heap, while the other affects only up to four bytes past the end of an allocated buffer. Both bugs have the potential to be used to...

  • Planning out a Secure and Sandboxed KVM Hypervisor Network (KVM Network Tutorial, Intro)

    But first, a quick background. Earlier this summer I received some unexpected news that left me with a bit more free time than I had anticipated. Of course, this post isn’t about something I didn’t do this summer, so I won’t get into the details of it. Since I had this extra time, though, I decided to look a little into home server options. I’ve tinkered around with hosting on...

  • What is an SSL and SSL_CTX? (OpenSSL client tutorial, Part 1)

    OpenSSL uses a few specially-labelled structs as fundamental building blocks in creating an HTTPS connection. The internals of these structs are usually opaque and change from time to time, but a slew of functions exist to be able to modify them. They almost exhibit behavior similar to objects and classes in C++ (which is why I’ll sometimes refer to them as objects during this tutorial). It can be difficult to...