File tree 10 files changed +37
-6
lines changed
10 files changed +37
-6
lines changed Original file line number Diff line number Diff line change 1+ 2023-03-16 Dustin Lundquist <dustin@null-ptr.net>
2+ 0.6.1 Release
3+
4+ * Fix buffer overflow in address module
5+ * Fix tests
6+
172018-12-05 Dustin Lundquist <dustin@null-ptr.net>
28 0.6.0 Release
39
Original file line number Diff line number Diff line change 22# Process this file with autoconf to produce a configure script.
33
44AC_PREREQ ( [ 2.60] )
5- AC_INIT ( [ sniproxy] , [ 0.6.0 ] )
5+ AC_INIT ( [ sniproxy] , [ 0.6.1 ] )
66AC_CONFIG_SRCDIR ( [ src/sniproxy.c] )
77AC_CONFIG_MACRO_DIR ( [ m4] )
88AM_INIT_AUTOMAKE ( [ subdir-objects] )
Original file line number Diff line number Diff line change 1+ sniproxy (0.6.1) unstable; urgency=high
2+
3+ * Fix buffer overflow in address module
4+ * Fix tests
5+
6+ -- Dustin Lundquist <dustin@null-ptr.net> Thu, 16 Mar 2023 21:53:48 -0700
7+
18sniproxy (0.6.0) unstable; urgency=medium
29
310 * PROXY v1 protocol support
@@ -10,7 +17,7 @@ sniproxy (0.6.0) unstable; urgency=medium
1017sniproxy (0.5.0) unstable; urgency=medium
1118
1219 * Transparent proxy support
13- * Use accept4() on Linix
20+ * Use accept4() on Linux
1421 * Run as group specified in config
1522
1623 -- Dustin Lundquist <dustin@null-ptr.net> Wed, 26 Apr 2017 07:17:13 -0700
Original file line number Diff line number Diff line change 1- 8
1+ 10
Original file line number Diff line number Diff line change 11Name: sniproxy
2- Version: 0.6.0
2+ Version: 0.6.1
33Release: 1%{?dist }
44Summary: Transparent TLS and HTTP layer 4 proxy with SNI support
55
@@ -46,6 +46,10 @@ rm -rf $RPM_BUILD_ROOT
4646
4747
4848%changelog
49+ * Thu Mar 16 2023 Dustin Lundquist <dustin@null-ptr.net 0.6.1-1
50+ - Fix buffer overflow in address module
51+ - Fix tests
52+
4953* Wed Dec 5 2018 Dustin Lundquist <dustin@null-ptr.net> 0.6.0-1
5054- PROXY v1 protocol support
5155- SO_REUSEPORT support on Linux 3.9 and later
Original file line number Diff line number Diff line change 11#! /bin/sh
22
3- VERSION=0.6.0
3+ VERSION=0.6.1
44
55SOURCE_DIR=$( dirname $0 )
66GIT_DIR=${SOURCE_DIR} /.git
Original file line number Diff line number Diff line change @@ -148,6 +148,8 @@ new_address(const char *hostname_or_ip) {
148148 if (hostname_or_ip [0 ] == '[' &&
149149 (port = strchr (hostname_or_ip , ']' )) != NULL ) {
150150 len = (size_t )(port - hostname_or_ip - 1 );
151+ if (len >= INET6_ADDRSTRLEN )
152+ return NULL ;
151153
152154 /* inet_pton() will not parse the IP correctly unless it is in a
153155 * separate string.
Original file line number Diff line number Diff line change 11AM_CPPFLAGS = -I$(top_srcdir ) /src -g $(LIBEV_CFLAGS ) $(LIBPCRE_CFLAGS ) $(LIBUDNS_CFLAGS )
22AM_CFLAGS = -fno-strict-aliasing -Wall -Wextra -Wpedantic -Wwrite-strings
33
4+ .NOTPARALLEL :
5+
46TESTS = address_test \
57 buffer_test \
68 cfg_tokenizer_test \
Original file line number Diff line number Diff line change @@ -35,6 +35,11 @@ my $bad_requests = [
3535 request => " GET / HTTP/1.1\r\n Host: \0 example.com\r\n\r\n " ,
3636 client => \&http_client,
3737 },
38+ {
39+ # Exceed hostname buffer size
40+ request => " GET / HTTP/1.1\r\n Host: [" . ' long.' x 60 . " example.com]\r\n\r\n " ,
41+ client => \&http_client,
42+ },
3843 {
3944 # Test client aborting connection before DNS response received
4045 request => " GET / HTTP/1.1\r\n Host: example.com\r\n\r\n " ,
Original file line number Diff line number Diff line change @@ -31,11 +31,16 @@ sub slow_client($$) {
3131 my $socket = IO::Socket::INET-> new(PeerAddr => ' 127.0.0.1' ,
3232 PeerPort => $port ,
3333 Proto => " tcp" ,
34- Type => SOCK_STREAM)
34+ Type => SOCK_STREAM,
35+ Timeout => 5)
3536 or die " couldn't connect $! " ;
3637
3738 $socket -> send ($request );
3839 foreach (split (" \r\n " , $request )) {
40+ unless ($socket -> connected()) {
41+ print " Disconnected\n " ;
42+ exit (0);
43+ }
3944 $socket -> send (" $_ \r\n " );
4045 sleep (1);
4146 }
You can’t perform that action at this time.
0 commit comments