Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: panic on receiving maliciously small packets #28

Closed
Banyc opened this issue May 27, 2023 · 2 comments
Closed

Bug: panic on receiving maliciously small packets #28

Banyc opened this issue May 27, 2023 · 2 comments

Comments

@Banyc
Copy link
Contributor

Banyc commented May 27, 2023

There is an assertion on kcp.rs:46:5 from crate kcp:

/// Read `conv` from raw buffer
pub fn get_conv(mut buf: &[u8]) -> u32 {
    assert!(buf.len() >= KCP_OVERHEAD as usize);

When the receiver gets hit with a packet smaller than KCP_OVERHEAD, the whole process will just die.

I triggered this by simply nc the port with some random characters.
@Banyc
Copy link
Contributor Author

Banyc commented Jun 7, 2023

@zonyitoo I bumped in this bug again and realized that this fix has not been in crates.io yet. It will be great to release it, huge thanks!

@zonyitoo
Copy link
Collaborator

zonyitoo commented Jun 8, 2023

released v0.9.5.

@Banyc Banyc mentioned this issue Jun 11, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zonyitoo @Banyc