Fix: ssr bounds out of range panic (#882)
This commit is contained in:
parent
83a684c551
commit
4ba6f248bc
2 changed files with 15 additions and 3 deletions
|
@ -81,8 +81,9 @@ func (a *authAES128) Decode(b []byte) ([]byte, int, error) {
|
|||
|
||||
h := a.hmac(key, b[:2])
|
||||
if !bytes.Equal(h[:2], b[2:4]) {
|
||||
return nil, 0, errAuthAES128HMACError
|
||||
return nil, 0, errAuthAES128IncorrectMAC
|
||||
}
|
||||
|
||||
length := int(binary.LittleEndian.Uint16(b[:2]))
|
||||
if length >= 8192 || length < 8 {
|
||||
return nil, 0, errAuthAES128DataLengthError
|
||||
|
@ -90,6 +91,12 @@ func (a *authAES128) Decode(b []byte) ([]byte, int, error) {
|
|||
if length > bSize {
|
||||
break
|
||||
}
|
||||
|
||||
h = a.hmac(key, b[:bSize-4])
|
||||
if !bytes.Equal(h[:4], b[bSize-4:]) {
|
||||
return nil, 0, errAuthAES128IncorrectChecksum
|
||||
}
|
||||
|
||||
a.recvID++
|
||||
pos := int(b[4])
|
||||
if pos < 255 {
|
||||
|
@ -98,6 +105,9 @@ func (a *authAES128) Decode(b []byte) ([]byte, int, error) {
|
|||
pos = int(binary.LittleEndian.Uint16(b[5:7])) + 4
|
||||
}
|
||||
|
||||
if pos > length-4 {
|
||||
return nil, 0, errAuthAES128PositionTooLarge
|
||||
}
|
||||
a.buffer.Write(b[pos : length-4])
|
||||
b = b[length:]
|
||||
bSize -= length
|
||||
|
@ -144,7 +154,7 @@ func (a *authAES128) DecodePacket(b []byte) ([]byte, int, error) {
|
|||
bSize := len(b)
|
||||
h := a.hmac(a.Key, b[:bSize-4])
|
||||
if !bytes.Equal(h[:4], b[bSize-4:]) {
|
||||
return nil, 0, errAuthAES128HMACError
|
||||
return nil, 0, errAuthAES128IncorrectMAC
|
||||
}
|
||||
return b[:bSize-4], bSize - 4, nil
|
||||
}
|
||||
|
|
|
@ -9,8 +9,10 @@ import (
|
|||
)
|
||||
|
||||
var (
|
||||
errAuthAES128HMACError = errors.New("auth_aes128_* post decrypt hmac error")
|
||||
errAuthAES128IncorrectMAC = errors.New("auth_aes128_* post decrypt incorrect mac")
|
||||
errAuthAES128DataLengthError = errors.New("auth_aes128_* post decrypt length mismatch")
|
||||
errAuthAES128IncorrectChecksum = errors.New("auth_aes128_* post decrypt incorrect checksum")
|
||||
errAuthAES128PositionTooLarge = errors.New("auth_aes128_* post decrypt posision is too large")
|
||||
errAuthSHA1v4CRC32Error = errors.New("auth_sha1_v4 post decrypt data crc32 error")
|
||||
errAuthSHA1v4DataLengthError = errors.New("auth_sha1_v4 post decrypt data length error")
|
||||
errAuthSHA1v4IncorrectChecksum = errors.New("auth_sha1_v4 post decrypt incorrect checksum")
|
||||
|
|
Loading…
Reference in a new issue