mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-28 06:13:31 +01:00
Correct byte-counting in socks auth parsing code
This commit is contained in:
parent
02c2d9a4aa
commit
1ed615ded7
@ -1648,14 +1648,19 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req,
|
||||
"authentication negotiated. Rejecting.");
|
||||
return -1;
|
||||
}
|
||||
/* Format is: authversion [1 byte] == 1
|
||||
usernamelen [1 byte]
|
||||
username [usernamelen bytes]
|
||||
passlen [1 byte]
|
||||
password [passlen bytes] */
|
||||
usernamelen = (unsigned char)*(data + 1);
|
||||
if (datalen < 2u + usernamelen) {
|
||||
*want_length_out = 2u+usernamelen;
|
||||
if (datalen < 2u + usernamelen + 1u) {
|
||||
*want_length_out = 2u + usernamelen + 1u;
|
||||
return 0;
|
||||
}
|
||||
passlen = (unsigned char)*(data + 2u + usernamelen);
|
||||
if (datalen < 2u + usernamelen + 1u + passlen) {
|
||||
*want_length_out = 2u+usernamelen;
|
||||
*want_length_out = 2u + usernamelen + 1u + passlen;
|
||||
return 0;
|
||||
}
|
||||
req->replylen = 2; /* 2 bytes of response */
|
||||
|
Loading…
Reference in New Issue
Block a user