Here is the fix for this DoS, from upstream git:
Author: Kevin Smith <[email protected]> Date: Wed Dec 17 17:38:39 2008 +0000 Justin's fix for DOS vulnerability in file transfer code diff --git a/cutestuff/network/socks.cpp b/cutestuff/network/socks.cpp index 31d728d..91e7e19 100644 --- a/cutestuff/network/socks.cpp +++ b/cutestuff/network/socks.cpp @@ -261,7 +261,8 @@ static int spc_get_version(QByteArray *from, SPCS_VERSION *s) return -1; if(from->size() < 2) return 0; - int num = from->at(1); + unsigned char mlen = from->at(1); + int num = mlen; if(num > 16) // who the heck has over 16 auth methods?? return -1; if(from->size() < 2 + num) -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
