TLS ClientHello and ServerHello extension parsing fails for large extensions

Progress® Telerik® Fiddler™ Classic Feedback Portal

Create an account Log In

Back to Feed

Request a Feature Report a Bug

Completed

Last Updated: 18 Jan 2022 07:10 by ADMIN

Eric

Created on: 10 Dec 2019 01:39

Type: Bug Report

TLS ClientHello and ServerHello extension parsing fails for large extensions

When HTTPS decryption is enabled in Fiddler, Fiddler parses the ClientHello and ServerHello HTTPS messages to determine the supported ciphers and other information, including TLS Extensions.

Unfortunately, Fiddler's HTTPSMessages parsers have a bug whereby if the extensions are larger than the available data on the stream/pipe, reading of the extensions is skipped and misleading text suggesting that no extensions were sent is shown in the Inspectors. For instance, the current version of Chrome Canary sends ~1308 bytes of TLS extensions in the ClientHello, but only 908 bytes are available at the time that the message is read. Fiddler claims that the ClientHello contained no extensions.

Instead of performing a single .Read() call and ignoring the result if the size is less than expected, Fiddler should continue to read the stream until the promised number of bytes have been read.

[This issue is similar to https://crbug.com/1028602#c2, although the implementation is obviously unrelated).

1 comment

ADMIN

Nick Iliev

Posted on: 18 Jan 2022 07:10

Hey Eric,

I wanted to let you know that the issue should now be fixed in the latest version of Fiddler Classic.

Regards,
Nick Iliev
Progress Telerik

Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.