diff options
| author | Nick Mathewson <nickm@torproject.org> | 2011-06-29 11:45:15 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2011-06-29 11:45:15 -0400 |
| commit | 1ed615ded7db0765e8355687bda8b00fdc643e3e (patch) | |
| tree | c6fbb080e3fc793de77880e4f6317621f50b29a7 /src/or/buffers.c | |
| parent | 02c2d9a4aa2a7ce339e87be9c0c0dc23a6881c14 (diff) | |
| download | tor-1ed615ded7db0765e8355687bda8b00fdc643e3e.tar.gz tor-1ed615ded7db0765e8355687bda8b00fdc643e3e.zip | |
Correct byte-counting in socks auth parsing code
Diffstat (limited to 'src/or/buffers.c')
| -rw-r--r-- | src/or/buffers.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/src/or/buffers.c b/src/or/buffers.c index 445376f60e..4b8532af09 100644 --- a/src/or/buffers.c +++ b/src/or/buffers.c @@ -1648,14 +1648,19 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req, "authentication negotiated. Rejecting."); return -1; } + /* Format is: authversion [1 byte] == 1 + usernamelen [1 byte] + username [usernamelen bytes] + passlen [1 byte] + password [passlen bytes] */ usernamelen = (unsigned char)*(data + 1); - if (datalen < 2u + usernamelen) { - *want_length_out = 2u+usernamelen; + if (datalen < 2u + usernamelen + 1u) { + *want_length_out = 2u + usernamelen + 1u; return 0; } passlen = (unsigned char)*(data + 2u + usernamelen); if (datalen < 2u + usernamelen + 1u + passlen) { - *want_length_out = 2u+usernamelen; + *want_length_out = 2u + usernamelen + 1u + passlen; return 0; } req->replylen = 2; /* 2 bytes of response */ |