Cloudflare Reverse Proxies are Dumping Uninitialized Memory

by ris from LWN.net on (#2DV38)
Thanks to Josh Triplett for sending us this Google Project Zero report about a dump of uninitialized memory caused by Cloudflare's reverse proxies. "A while later, we figured out how to reproduce the problem. It looked like that if an html page hosted behind cloudflare had a specific combination of unbalanced tags, the proxy would intersperse pages of uninitialized memory into the output (kinda like heartbleed, but cloudflare specific and worse for reasons I'll explain later). My working theory was that this was related to their "ScrapeShield" feature which parses and obfuscates html - but because reverse proxies are shared between customers, it would affect *all* Cloudflare customers. We fetched a few live samples, and we observed encryption keys, cookies, passwords, chunks of POST data and even HTTPS requests for other major cloudflare-hosted sites from other users. Once we understood what we were seeing and the implications, we immediately stopped and contacted cloudflare security."