-- Leo's gemini proxy
-- Connecting to git.thebackupbox.net:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini
repo: urcd action: commit revision: path_from: revision_from: 7438a72a9f7887b86288855cbef32d86e382db5f: path_to: revision_to:
commit 7438a72a9f7887b86288855cbef32d86e382db5f
Author: root <root@d3v11.ano>
Date: Sun Feb 17 16:52:51 2013 +0000
[URC][security] eliminate local DoS (check buffsize for MTU and newline for outbound, enforce MTU + newline on incoming)
diff --git a/src/urcrecv.pyx b/src/urcrecv.pyx
--- a/src/urcrecv.pyx
+++ b/src/urcrecv.pyx
@@ -21,13 +21,14 @@ sock.setblocking(0)
while 1:
buffer = str()
+
while 1:
byte = os.read(0,1)
- if not byte or len(buffer)>1024:
- sys.exit(0)
- buffer+=byte
- if byte == '\n':
+ if not byte: sys.exit(0)
+ elif byte == '\n':
+ buffer+=byte
break
+ elif len(buffer)<1024: buffer+=byte
time.sleep(LIMIT)
diff --git a/src/urcsend.pyx b/src/urcsend.pyx
--- a/src/urcsend.pyx
+++ b/src/urcsend.pyx
@@ -34,8 +34,7 @@ sock.bind(str(os.getpid()))
while 1:
buffer, path = sock.recvfrom(1024)
- if not path:
- continue
+ if not path or buffer[len(buffer)-1:] != '\n': continue
try:
if not os.write(fd,buffer):
diff --git a/src/urcstream.pyx b/src/urcstream.pyx
--- a/src/urcstream.pyx
+++ b/src/urcstream.pyx
@@ -67,14 +67,17 @@ def server_poll():
while 1:
if client_poll():
+
buffer = str()
+
while 1:
byte = os.read(rd,1)
- if not byte or len(buffer)>1024:
- sock_close(15,0)
- buffer+=byte
- if byte == '\n':
+ if not byte: sock_close(15,0)
+ elif byte == '\n':
+ buffer+=byte
break
+ elif len(buffer)<1024: buffer+=byte
+
for path in os.listdir(root):
try:
if path != user:
@@ -84,6 +87,7 @@ while 1:
while server_poll():
buffer = os.read(sd,1024)
+ if buffer[len(buffer)-1:] != '\n': continue
try:
if not os.write(wr,buffer):
sock_close(15,0)
-----END OF PAGE-----
-- Response ended
-- Page fetched on Sun Jun 2 14:35:16 2024