Skip to content

Commit 5120966

Browse files
ssrlivessrlive
committed
security fixing
1 parent 932f2f4 commit 5120966

File tree

3 files changed

+27
-10
lines changed

3 files changed

+27
-10
lines changed

src/api.rs

Lines changed: 23 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -48,16 +48,31 @@ pub unsafe extern "C" fn dns2socks_start(
4848
.force_tcp(force_tcp)
4949
.cache_records(cache_records);
5050
if !listen_addr.is_null() {
51-
let listen_addr = unsafe { std::ffi::CStr::from_ptr(listen_addr) }.to_str().unwrap();
52-
config.listen_addr(listen_addr.parse().unwrap());
51+
let Ok(listen_addr) = unsafe { std::ffi::CStr::from_ptr(listen_addr) }.to_str() else {
52+
return -3;
53+
};
54+
let Ok(addr) = listen_addr.parse() else {
55+
return -4;
56+
};
57+
config.listen_addr(addr);
5358
}
5459
if !dns_remote_server.is_null() {
55-
let dns_remote_server = unsafe { std::ffi::CStr::from_ptr(dns_remote_server) }.to_str().unwrap();
56-
config.dns_remote_server(dns_remote_server.parse().unwrap());
60+
let Ok(dns_remote_server) = unsafe { std::ffi::CStr::from_ptr(dns_remote_server) }.to_str() else {
61+
return -5;
62+
};
63+
let Ok(addr) = dns_remote_server.parse() else {
64+
return -6;
65+
};
66+
config.dns_remote_server(addr);
5767
}
5868
if !socks5_settings.is_null() {
59-
let socks5_settings = unsafe { std::ffi::CStr::from_ptr(socks5_settings) }.to_str().unwrap();
60-
config.socks5_settings(crate::config::ArgProxy::try_from(socks5_settings).unwrap());
69+
let Ok(socks5_settings) = unsafe { std::ffi::CStr::from_ptr(socks5_settings) }.to_str() else {
70+
return -7;
71+
};
72+
let Ok(proxy_settings) = crate::config::ArgProxy::try_from(socks5_settings) else {
73+
return -8;
74+
};
75+
config.socks5_settings(proxy_settings);
6176
}
6277

6378
let main_loop = async move {
@@ -69,10 +84,10 @@ pub unsafe extern "C" fn dns2socks_start(
6984
};
7085

7186
match tokio::runtime::Builder::new_multi_thread().enable_all().build() {
72-
Err(_e) => -3,
87+
Err(_e) => -9,
7388
Ok(rt) => match rt.block_on(main_loop) {
7489
Ok(_) => 0,
75-
Err(_e) => -4,
90+
Err(_e) => -10,
7691
},
7792
}
7893
}

src/dump_logger.rs

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -62,7 +62,9 @@ impl DumpLogger {
6262
record.module_path().unwrap_or(""),
6363
record.args()
6464
);
65-
let c_msg = std::ffi::CString::new(msg).unwrap();
65+
let Ok(c_msg) = std::ffi::CString::new(msg) else {
66+
return;
67+
};
6668
let ptr = c_msg.as_ptr();
6769
if let Some(Some(cb)) = DUMP_CALLBACK.get() {
6870
unsafe { cb.clone().call(record.level().into(), ptr) };

src/lib.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -173,7 +173,7 @@ async fn handle_tcp_incoming(
173173
timeout: Duration,
174174
) -> Result<()> {
175175
let mut buf = [0u8; MAX_BUFFER_SIZE];
176-
let n = incoming.read(&mut buf).await?;
176+
let n = tokio::time::timeout(timeout, incoming.read(&mut buf)).await??;
177177

178178
let message = dns::parse_data_to_dns_message(&buf[..n], true)?;
179179
let domain = dns::extract_domain_from_dns_message(&message)?;

0 commit comments

Comments
 (0)