[vlc-commits] network/tcp: socks: diagnose ill-formed authentication

Filip Roséen git at videolan.org
Wed Mar 15 19:19:25 CET 2017 

vlc | branch: master | Filip Roséen <filip at atch.se> | Wed Mar 15 10:07:50 2017 +0100| [08b8751766a2fc09171c20805a639b6f390176c1] | committer: Hugo Beauzée-Luyssen

network/tcp: socks: diagnose ill-formed authentication

The socks protocol does not allow username/password to be longer than
255 characters. Instead of silently truncating the entities to the
maximum limit we should simply reject them.

These changes also removes the XXX comment, as it is not strictly "we"
who does not support longer username/passwords.. it's the protocol
itself.

Signed-off-by: Hugo Beauzée-Luyssen <hugo at beauzee.fr>

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=08b8751766a2fc09171c20805a639b6f390176c1
---

 src/network/tcp.c | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/src/network/tcp.c b/src/network/tcp.c
index 79459bc..3a4f397 100644
--- a/src/network/tcp.c
+++ b/src/network/tcp.c
@@ -368,18 +368,25 @@ static int SocksNegotiate( vlc_object_t *p_obj,
             return VLC_EGENERIC;
         }
 
-        int i_len1 = __MIN( strlen(psz_socks_user), 255 );
-        int i_len2 = __MIN( strlen(psz_socks_passwd), 255 );
+        int const i_user = strlen( psz_socks_user );
+        int const i_pasw = strlen( psz_socks_passwd );
+
+        if( i_user > 255 || i_pasw > 255 )
+        {
+            msg_Err( p_obj, "socks: rejecting username and/or password due to "
+                            "violation of RFC1929 (longer than 255 bytes)" );
+            return VLC_EGENERIC;
+        }
+
         msg_Dbg( p_obj, "socks: username/password authentication" );
 
-        /* XXX: we don't support user/pwd > 255 (truncated)*/
         buffer[0] = i_socks_version;        /* Version */
-        buffer[1] = i_len1;                 /* User length */
-        memcpy( &buffer[2], psz_socks_user, i_len1 );
-        buffer[2+i_len1] = i_len2;          /* Password length */
-        memcpy( &buffer[2+i_len1+1], psz_socks_passwd, i_len2 );
+        buffer[1] = i_user;                 /* User length */
+        memcpy( &buffer[2], psz_socks_user, i_user );
+        buffer[2+i_user] = i_pasw;          /* Password length */
+        memcpy( &buffer[2+i_user+1], psz_socks_passwd, i_pasw );
 
-        i_len = 3 + i_len1 + i_len2;
+        i_len = 3 + i_user + i_pasw;
 
         if( net_Write( p_obj, fd, buffer, i_len ) != i_len )
             return VLC_EGENERIC;

More information about the vlc-commits mailing list