Skip to content

Fix a local-only CPU DoS bug.

Nick Mathewson requested to merge nickm/arti:socks-read-fix into main

Previously, there was a bug in the way that our code used our SOCKS implementations. If the buffer used for a SOCKS handshake became full without completing the handshake, then rather than expanding the buffer or closing the connection, our code would keep trying to read into the zero-byte slice available in the full buffer forever, in a tight loop.

We're classifying this as a LOW-severity issue, since it is only exploitable by pluggable transports (which are trusted) and by local applications with access to the SOCKS port.

Closes #861 (closed).

Reported-By: Jakob Lell

Merge request reports

Loading