diff options
| author | David Goulet <dgoulet@torproject.org> | 2021-01-28 12:42:31 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2021-01-28 12:42:31 -0500 |
| commit | e44f01f5a8db70a676512043b25eb4ccca8dac44 (patch) | |
| tree | 44b39ea7ea18966b54562d8f014b018cdc457afd | |
| parent | e5ea02a662450ded7fcfcf31e8cd0ec0ec421ed5 (diff) | |
| parent | f058db1f3d6fee5bc6506ece88cfd100eb86729d (diff) | |
| download | tor-e44f01f5a8db70a676512043b25eb4ccca8dac44.tar.gz tor-e44f01f5a8db70a676512043b25eb4ccca8dac44.zip | |
Merge branch 'maint-0.4.3' into release-0.4.3
| -rw-r--r-- | changes/bug40190 | 4 | ||||
| -rw-r--r-- | src/core/proto/proto_socks.c | 7 |
2 files changed, 10 insertions, 1 deletions
diff --git a/changes/bug40190 b/changes/bug40190 new file mode 100644 index 0000000000..0f3d6941dc --- /dev/null +++ b/changes/bug40190 @@ -0,0 +1,4 @@ + o Minor bugfixes (SOCKS5): + - Handle partial socks5 messages correctly. Previously, our code would + send an incorrect error message if it got a socks5 request that wasn't + complete. Fixes bug 40190; bugfix on 0.3.5.1-alpha. diff --git a/src/core/proto/proto_socks.c b/src/core/proto/proto_socks.c index 4f39d69d62..0990014884 100644 --- a/src/core/proto/proto_socks.c +++ b/src/core/proto/proto_socks.c @@ -550,6 +550,7 @@ parse_socks5_client_request(const uint8_t *raw_data, socks_request_t *req, if (parsed == -1) { log_warn(LD_APP, "socks5: parsing failed - invalid client request"); res = SOCKS_RESULT_INVALID; + socks_request_set_socks5_error(req, SOCKS5_GENERAL_ERROR); goto end; } else if (parsed == -2) { res = SOCKS_RESULT_TRUNCATED; @@ -561,6 +562,7 @@ parse_socks5_client_request(const uint8_t *raw_data, socks_request_t *req, if (socks5_client_request_get_version(trunnel_req) != 5) { res = SOCKS_RESULT_INVALID; + socks_request_set_socks5_error(req, SOCKS5_GENERAL_ERROR); goto end; } @@ -595,6 +597,7 @@ parse_socks5_client_request(const uint8_t *raw_data, socks_request_t *req, tor_addr_to_str(req->address, &destaddr, sizeof(req->address), 1); } break; default: { + socks_request_set_socks5_error(req, SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED); res = -1; } break; } @@ -775,8 +778,10 @@ handle_socks_message(const uint8_t *raw_data, size_t datalen, } else { res = parse_socks5_client_request(raw_data, req, datalen, drain_out); - if (res != SOCKS_RESULT_DONE) { + if (BUG(res == SOCKS_RESULT_INVALID && req->replylen == 0)) { socks_request_set_socks5_error(req, SOCKS5_GENERAL_ERROR); + } + if (res != SOCKS_RESULT_DONE) { goto end; } |