Commit a282145b authored by David Goulet's avatar David Goulet 🐼
Browse files

socks: Make SafeSocks refuse SOCKS4 and accept SOCKS4a

The logic was inverted. Introduced in commit
9155e084.

This was reported through our bug bounty program on H1. It fixes the
TROVE-2022-002.

Fixes #40730



Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
parent b117ce48
o Major bugfixes (TROVE-2022-002, client):
- The SafeSocks option had its logic inverted for SOCKS4 and SOCKS4a. It
would let the unsafe SOCKS4 pass but not the safe SOCKS4a one. This is
TROVE-2022-002 which was reported on Hackerone by "cojabo". Fixes bug
40730; bugfix on 0.3.5.1-alpha.
......@@ -233,7 +233,7 @@ static socks_result_t
process_socks4_request(const socks_request_t *req, int is_socks4a,
int log_sockstype, int safe_socks)
{
if (is_socks4a && !addressmap_have_mapping(req->address, 0)) {
if (!is_socks4a && !addressmap_have_mapping(req->address, 0)) {
log_unsafe_socks_warning(4, req->address, req->port, safe_socks);
if (safe_socks)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment