vlc | branch: master | Filip Roséen <[email protected]> | Wed Mar 15 10:07:50 2017 +0100| [08b8751766a2fc09171c20805a639b6f390176c1] | committer: Hugo Beauzée-Luyssen
network/tcp: socks: diagnose ill-formed authentication

The socks protocol does not allow username/password to be longer than 255 characters. Instead of silently truncating the entities to the maximum limit we should simply reject them.

These changes also remove the XXX comment, as it is not strictly "we" who do not support longer username/passwords.. it's the protocol itself.

Signed-off-by: Hugo Beauzée-Luyssen <[email protected]>

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=08b8751766a2fc09171c20805a639b6f390176c1

--- src/network/tcp.c | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/src/network/tcp.c b/src/network/tcp.c index 79459bc..3a4f397 100644 --- a/src/network/tcp.c +++ b/src/network/tcp.c
@@ -368,18 +368,25 @@ static int SocksNegotiate( vlc_object_t *p_obj, return VLC_EGENERIC; } - int i_len1 = __MIN( strlen(psz_socks_user), 255 ); - int i_len2 = __MIN( strlen(psz_socks_passwd), 255 ); + int const i_user = strlen( psz_socks_user ); + int const i_pasw = strlen( psz_socks_passwd ); + + if( i_user > 255 || i_pasw > 255 ) + { + msg_Err( p_obj, "socks: rejecting username and/or password due to " + "violation of RFC1929 (longer than 255 bytes)" ); + return VLC_EGENERIC; + } + msg_Dbg( p_obj, "socks: username/password authentication" ); - /* XXX: we don't support user/pwd > 255 (truncated)*/ buffer[0] = i_socks_version; /* Version */ - buffer[1] = i_len1; /* User length */ - memcpy( &buffer[2], psz_socks_user, i_len1 ); - buffer[2+i_len1] = i_len2; /* Password length */ - memcpy( &buffer[2+i_len1+1], psz_socks_passwd, i_len2 ); + buffer[1] = i_user; /* User length */ + memcpy( &buffer[2], psz_socks_user, i_user ); + buffer[2+i_user] = i_pasw; /* Password length */ + memcpy( &buffer[2+i_user+1], psz_socks_passwd, i_pasw ); - i_len = 3 + i_len1 + i_len2; + i_len = 3 + i_user + i_pasw; if( net_Write( p_obj, fd, buffer, i_len ) != i_len ) return VLC_EGENERIC;
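Review bot: the two added declarations, `int const i_user = strlen( psz_socks_user );` and the matching `i_pasw` line, store a `size_t` in an `int` before the `> 255` comparison, so a pathologically long string could narrow to a negative value, pass the check and reach `memcpy` as a huge length. Declaring both as `size_t` keeps the bound check exact. The new check also enforces only the upper limit, while RFC 1929 gives each field a length of 1 to 255, so an empty username or password is still sent; consider rejecting zero lengths in the same `if`. The declaration of `buffer` is outside this hunk, so it is worth confirming that it has room for the accepted maximum of 3 + 255 + 255 = 513 bytes.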
