nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-21 21:44:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Correct byte-counting in socks auth parsing code

Browse Source
This commit is contained in:
Nick Mathewson 2011-06-29 11:45:15 -04:00
parent 02c2d9a4aa
commit 1ed615ded7
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/or/buffers.c
View File

@ -1648,14 +1648,19 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req,
"authentication negotiated. Rejecting."); "authentication negotiated. Rejecting.");
return -1; return -1;
} }
/* Format is: authversion [1 byte] == 1
usernamelen [1 byte]
username [usernamelen bytes]
passlen [1 byte]
password [passlen bytes] */
usernamelen = (unsigned char)*(data + 1); usernamelen = (unsigned char)*(data + 1);
if (datalen < 2u + usernamelen) { if (datalen < 2u + usernamelen + 1u) {
*want_length_out = 2u+usernamelen; *want_length_out = 2u + usernamelen + 1u;
return 0; return 0;
} }
passlen = (unsigned char)*(data + 2u + usernamelen); passlen = (unsigned char)*(data + 2u + usernamelen);
if (datalen < 2u + usernamelen + 1u + passlen) { if (datalen < 2u + usernamelen + 1u + passlen) {
*want_length_out = 2u+usernamelen; *want_length_out = 2u + usernamelen + 1u + passlen;
return 0; return 0;
} }
req->replylen = 2; /* 2 bytes of response */ req->replylen = 2; /* 2 bytes of response */