Skip to content

Commit

Permalink
Add test and fix for malformed/truncated header
Browse files Browse the repository at this point in the history
  • Loading branch information
mastercactapus committed Jul 23, 2019
1 parent 18c1c89 commit 5c4a101
Show file tree
Hide file tree
Showing 3 changed files with 50 additions and 9 deletions.
27 changes: 19 additions & 8 deletions headerv2.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,24 @@ func parseV2(r *bufio.Reader) (*HeaderV2, error) {
}

// highest 4 indicate address family
if (rawHdr.FamProto >> 4) > 3 {
switch rawHdr.FamProto >> 4 {
case 0: // local
if rawHdr.Len != 0 {
return nil, &InvalidHeaderErr{Read: buf[:16], error: errors.New("invalid length")}
}
case 1: // ipv4
if rawHdr.Len != 12 {
return nil, &InvalidHeaderErr{Read: buf[:16], error: errors.New("invalid length")}
}
case 2: // ipv6
if rawHdr.Len != 36 {
return nil, &InvalidHeaderErr{Read: buf[:16], error: errors.New("invalid length")}
}
case 3: // unix
if rawHdr.Len != 216 {
return nil, &InvalidHeaderErr{Read: buf[:16], error: errors.New("invalid length")}
}
default:
return nil, &InvalidHeaderErr{Read: buf[:16], error: errors.New("invalid v2 address family")}
}

Expand All @@ -59,13 +76,7 @@ func parseV2(r *bufio.Reader) (*HeaderV2, error) {
return nil, &InvalidHeaderErr{Read: buf[:16], error: errors.New("invalid v2 transport protocol")}
}

if 16+int(rawHdr.Len) > len(buf) {
newBuf := make([]byte, 16+int(rawHdr.Len))
copy(newBuf, buf[:16])
buf = newBuf
} else {
buf = buf[:16+int(rawHdr.Len)]
}
buf = buf[:16+int(rawHdr.Len)]

n, err = io.ReadFull(r, buf[16:])
if err != nil {
Expand Down
4 changes: 3 additions & 1 deletion headerv2_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,9 @@ func TestHeaderV2(t *testing.T) {
buf.Write(s.value)
}
hdr, err := Parse(bufio.NewReader(&buf))
assert.NoError(t, err)
if !assert.NoError(t, err) {
return
}
assert.IsType(t, &HeaderV2{}, hdr, "Header Type")
p := hdr.(*HeaderV2)
assert.Equal(t, h.Command, p.Command, "Command")
Expand Down
28 changes: 28 additions & 0 deletions parse_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
package proxyprotocol

import (
"bufio"
"bytes"
"testing"

"github.com/stretchr/testify/assert"
)

func TestParse_Malformed(t *testing.T) {
data := []byte{
// PROXY protocol v2 magic header
0x0D, 0x0A, 0x0D, 0x0A, 0x00, 0x0D, 0x0A, 0x51, 0x55, 0x49, 0x54, 0x0A,
// v2 version, PROXY cmd
0x21,
// TCP, IPv4 (also works with 0x13,0x21,0x22,0x31,0x32)
0x12,
// Length
0x00, 0x00,
// src/dest address data _should_ be here but is omitted.
}

_, err := Parse(
bufio.NewReader(
bytes.NewReader(data)))
assert.Error(t, err)
}

0 comments on commit 5c4a101

Please sign in to comment.