From ab9acecea10aa4decab44b6daf9ff53e60e8113b Mon Sep 17 00:00:00 2001 From: Santiago Lo Coco Date: Tue, 21 Jun 2022 20:58:38 -0300 Subject: [PATCH] Accept commands that aren't terminated in CRLF Co-authored-by: Ezequiel Bellver Co-authored-by: Juan Barmasch --- src/socks5nio.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/socks5nio.c b/src/socks5nio.c index 126b187..fd1b583 100644 --- a/src/socks5nio.c +++ b/src/socks5nio.c @@ -1107,7 +1107,7 @@ static unsigned copy_r(struct selector_key * key) { if (d->parser_user != NULL && pwd_dissector_active) { struct parser_event * st = NULL; - for (int i = 0, k = 0; i < n; i++) { + for (int i = 0, k = 0; i < n && i <= USER_MAX_SIZE; i++) { if (st != NULL && st->type == STRING_CMP_NEQ) { parser_reset(d->parser_user); parser_reset(d->parser_pass); @@ -1122,14 +1122,22 @@ static unsigned copy_r(struct selector_key * key) { d->user[k++] = *(ptr + i); if (*(ptr + i) == '\n') { d->user_done = true; - d->user[k - 2] = 0; + if (d->user[k - 2] == '\r') { + d->user[k - 2] = 0; + } else { + d->user[k - 1] = 0; + } k = 0; } } else if (!d->pass_done && st->type == STRING_CMP_EQ) { if (*(ptr + i) == '\n') { d->pass_done = true; - d->pass[k - 1] = 0; + if (d->pass[k - 1] == '\r') { + d->pass[k - 1] = 0; + } else { + d->pass[k] = 0; + } log_request_password((const struct sockaddr *) &ATTACHMENT(key)->origin_addr, ATTACHMENT(key)->username, d->user, d->pass); d->user_done = false; d->pass_done = false;