[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] Correct byte-counting in socks auth parsing code

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tor/master] Correct byte-counting in socks auth parsing code
From: nickm@xxxxxxxxxxxxxx
Date: Wed, 13 Jul 2011 16:13:21 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 13 Jul 2011 12:14:02 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: code repository commits <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Sender: tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx

commit 1ed615ded7db0765e8355687bda8b00fdc643e3e
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Wed Jun 29 11:45:15 2011 -0400

    Correct byte-counting in socks auth parsing code
---
 src/or/buffers.c |   11 ++++++++---
 1 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/or/buffers.c b/src/or/buffers.c
index 445376f..4b8532a 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -1648,14 +1648,19 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req,
                  "authentication negotiated. Rejecting.");
         return -1;
       }
+      /* Format is: authversion [1 byte] == 1
+                    usernamelen [1 byte]
+                    username    [usernamelen bytes]
+                    passlen     [1 byte]
+                    password    [passlen bytes] */
       usernamelen = (unsigned char)*(data + 1);
-      if (datalen < 2u + usernamelen) {
-        *want_length_out = 2u+usernamelen;
+      if (datalen < 2u + usernamelen + 1u) {
+        *want_length_out = 2u + usernamelen + 1u;
         return 0;
       }
       passlen = (unsigned char)*(data + 2u + usernamelen);
       if (datalen < 2u + usernamelen + 1u + passlen) {
-        *want_length_out = 2u+usernamelen;
+        *want_length_out = 2u + usernamelen + 1u + passlen;
         return 0;
       }
       req->replylen = 2; /* 2 bytes of response */



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor/master] bug1666 - Pass-through support for SOCKS5 authentication(4)
Next by Author: [tor-commits] [tor/master] Record username/password data in socks_request_t
Previous by thread: [tor-commits] [tor/master] bug1666 - Pass-through support for SOCKS5 authentication(4)
Next by thread: [tor-commits] [tor/master] Record username/password data in socks_request_t
Index(es):
- Author
- Thread