diff options
| author | David Goulet <dgoulet@torproject.org> | 2021-01-28 12:42:31 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2021-01-28 12:42:31 -0500 |
| commit | be81ecba3a770690d949aa0b71a8e88c90752199 (patch) | |
| tree | 2ec126b5f31669a8301fd0f08e6056a01dc0a2b1 | |
| parent | a3f2bc8f13eaa0868192b80186710c0765f26c59 (diff) | |
| parent | f058db1f3d6fee5bc6506ece88cfd100eb86729d (diff) | |
| download | tor-be81ecba3a770690d949aa0b71a8e88c90752199.tar.gz tor-be81ecba3a770690d949aa0b71a8e88c90752199.zip | |
Merge branch 'maint-0.4.3' into maint-0.4.4
| -rw-r--r-- | changes/bug40190 | 4 | ||||
| -rw-r--r-- | src/core/proto/proto_socks.c | 7 |
2 files changed, 10 insertions, 1 deletions
diff --git a/changes/bug40190 b/changes/bug40190 new file mode 100644 index 0000000000..0f3d6941dc --- /dev/null +++ b/changes/bug40190 @@ -0,0 +1,4 @@ + o Minor bugfixes (SOCKS5): + - Handle partial socks5 messages correctly. Previously, our code would + send an incorrect error message if it got a socks5 request that wasn't + complete. Fixes bug 40190; bugfix on 0.3.5.1-alpha. diff --git a/src/core/proto/proto_socks.c b/src/core/proto/proto_socks.c index 198195c0ae..bcb0c2b2f9 100644 --- a/src/core/proto/proto_socks.c +++ b/src/core/proto/proto_socks.c @@ -550,6 +550,7 @@ parse_socks5_client_request(const uint8_t *raw_data, socks_request_t *req, if (parsed == -1) { log_warn(LD_APP, "socks5: parsing failed - invalid client request"); res = SOCKS_RESULT_INVALID; + socks_request_set_socks5_error(req, SOCKS5_GENERAL_ERROR); goto end; } else if (parsed == -2) { res = SOCKS_RESULT_TRUNCATED; @@ -561,6 +562,7 @@ parse_socks5_client_request(const uint8_t *raw_data, socks_request_t *req, if (socks5_client_request_get_version(trunnel_req) != 5) { res = SOCKS_RESULT_INVALID; + socks_request_set_socks5_error(req, SOCKS5_GENERAL_ERROR); goto end; } @@ -594,6 +596,7 @@ parse_socks5_client_request(const uint8_t *raw_data, socks_request_t *req, tor_addr_to_str(req->address, &destaddr, sizeof(req->address), 1); } break; default: { + socks_request_set_socks5_error(req, SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED); res = -1; } break; } @@ -774,8 +777,10 @@ handle_socks_message(const uint8_t *raw_data, size_t datalen, } else { res = parse_socks5_client_request(raw_data, req, datalen, drain_out); - if (res != SOCKS_RESULT_DONE) { + if (BUG(res == SOCKS_RESULT_INVALID && req->replylen == 0)) { socks_request_set_socks5_error(req, SOCKS5_GENERAL_ERROR); + } + if (res != SOCKS_RESULT_DONE) { goto end; } |