[GIT PULL] Fix various socks5 bugs #4
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
If there are 1 entries and 5 workers, and nr_sleeping is 5. It will always batch because nr_entries + 16 is always greater than 5. That's just wrong. Fixes: 317dc79 ("dns: Handle DNS query in batch via `getaddrinfo_a()`") Signed-off-by: Ammar Faizi <[email protected]>
…n_handle_data()` The `gwp_socks5_conn_handle_data()` does not properly handle socks5 data if the CONNECT command comes together with the proxied data. Fixes: 97a3bc1 ("socks5: Initial socks5 modularization") Signed-off-by: Ammar Faizi <[email protected]>
`gwp_socks5_conn_handle_data()` may return `-EAGAIN` and have `in_len` or `out_len` greater than zero. Make sure to account those values. Fixes: 3fad620 ("gwproxy: socks5: Use the socks5 library") Signed-off-by: Ammar Faizi <[email protected]>
The call to `handle_socks5_data()` must only be done when the connection is in `CONN_STATE_SOCKS5_DATA` state. Fixes: 3fad620 ("gwproxy: socks5: Use the socks5 library") Signed-off-by: Ammar Faizi <[email protected]>
ammarfaizi2
added a commit
that referenced
this pull request
Jul 19, 2025
After stress-testing the SOCKS5 proxy server, I found various memory corruption bugs. Here is the stress-test program: https://gist.github.com/ammarfaizi2/53324bb7dd8ca7cb73a92b80b62f8f3b Only the first patch is not related to memory corruption bugs. * bug-fix: gwproxy: Fix an invalid `handle_socks5_data()` call gwproxy: Fix missing buf advance and `target.len` increment gwproxy/socks5: Handle `GWP_SOCKS5_ST_CMD_CONNECT` in `gwp_socks5_conn_handle_data()` gwproxy/dns: Fix the wrong batch condition decision Link: #4 Signed-off-by: Ammar Faizi <[email protected]>
ammarfaizi2
added a commit
that referenced
this pull request
Jul 19, 2025
After stress-testing the SOCKS5 proxy server, I found various memory corruption bugs. Here is the stress-test program: https://gist.github.com/ammarfaizi2/53324bb7dd8ca7cb73a92b80b62f8f3b Only the first patch is not related to memory corruption bugs. * bug-fix: gwproxy: Fix an invalid `handle_socks5_data()` call gwproxy: Fix missing buf advance and `target.len` increment gwproxy/socks5: Handle `GWP_SOCKS5_ST_CMD_CONNECT` in `gwp_socks5_conn_handle_data()` gwproxy/dns: Fix the wrong batch condition decision Link: #4 Signed-off-by: Ammar Faizi <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
After stress-testing the SOCKS5 proxy server, I found various memory
corruption bugs. Here is the stress-test program:
https://gist.github.com/ammarfaizi2/53324bb7dd8ca7cb73a92b80b62f8f3b
Only the first patch is not related to memory corruption bugs.
1) Fix the wrong batch condition decision.
If there are 1 entries and 5 workers, and nr_sleeping is 5. It will
always batch because nr_entries + 16 is always greater than 5. That's
just wrong.
2) Handle
GWP_SOCKS5_ST_CMD_CONNECTingwp_socks5_conn_handle_data().The
gwp_socks5_conn_handle_data()does not properly handle socks5data if the CONNECT command comes together with the proxied data.
3) Fix missing buf advance and
target.lenincrement.gwp_socks5_conn_handle_data()may return-EAGAINand havein_lenor
out_lengreater than zero. Make sure to account those values.4) Fix an invalid
handle_socks5_data()call.The call to
handle_socks5_data()must only be done when theconnection is in
CONN_STATE_SOCKS5_DATAstate.