Opened 9 years ago

Closed 9 years ago

Last modified 9 years ago

#4919 closed defect (fixed)

obfsproxy: Wrong sizeof target in pending_socks_cb()

Reported by: asn Owned by: asn
Priority: Medium Milestone:
Component: Archived/Obfsproxy Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

network.c:pending_socks_cb()

...
    struct sockaddr_storage ss;
    struct sockaddr *sa = (struct sockaddr*)&ss;
    socklen_t slen = sizeof(&ss);
...
    if (getpeername(bufferevent_getfd(bev), sa, &slen) == 0) {
...

slen gets filled with the size of the pointer, but we want it to be filled with the size of sockaddr.

Child Tickets

Change History (3)

comment:1 Changed 9 years ago by asn

Status: newneeds_review

Please see branch bug4919 in https://git.gitorious.org/obfsproxy/obfsproxy.git.

comment:2 Changed 9 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

This looks wrong too; it should be sizeof(ss). sizeof(*sa) is sizeof(struct sockaddr), which is less than the amount of storage available.

Just did the right fix in c24f24b5647e9816f2ce76e265edd6091dc7abe3 ; please reopen if it's wrong.

comment:3 Changed 9 years ago by arma

Component: Pluggable transportObfsproxy
Note: See TracTickets for help on using tickets.