bughz/glider
1
0
Fork 0
mirror of https://github.com/nadoo/glider.git synced 2025-02-23 09:25:41 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

dns: add length check to avoid panic

Browse Source
This commit is contained in:
nadoo 2020-05-05 01:30:57 +08:00
parent 665d722d2c
commit e3c57ba369
6 changed files with 20 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
README.md
View File

@ -90,7 +90,7 @@ glider -h
<summary>click to see details</summary> <summary>click to see details</summary>
```bash ```bash
./glider 0.10.0 usage: glider 0.10.0 usage:
-checkdisabledonly -checkdisabledonly
check disabled fowarders only check disabled fowarders only
-checkinterval int -checkinterval int
@ -138,30 +138,9 @@ glider -h
-verbose -verbose
verbose mode verbose mode
Available Schemes: Available schemes:
mixed: serve as a http/socks5 proxy on the same port. (default)
ss: ss proxy
socks4: socks4 proxy
socks5: socks5 proxy
http: http proxy
ssr: ssr proxy
vmess: vmess proxy
trojan: trojan proxy
tls: tls transport
ws: websocket transport
redir: redirect proxy. (used on linux as a transparent proxy with iptables redirect rules)
redir6: redirect proxy(ipv6)
tcptun: tcp tunnel
udptun: udp tunnel
uottun: udp over tcp tunnel
unix: unix domain socket
kcp: kcp protocol
simple-obfs: simple-obfs protocol
reject: a virtual proxy which just reject connections
Available schemes for different modes:
listen: mixed ss socks5 http redir redir6 tcptun udptun uottun tls unix kcp listen: mixed ss socks5 http redir redir6 tcptun udptun uottun tls unix kcp
forward: reject ss socks5 http ssr vmess trojan tls ws unix kcp simple-obfs forward: reject ss socks4 socks5 http ssr ssh vmess trojan tls ws unix kcp simple-obfs
SS scheme: SS scheme:
ss://method:pass@host:port ss://method:pass@host:port

26
conf.go
View File

@ -114,31 +114,9 @@ func usage() {
flag.PrintDefaults() flag.PrintDefaults()
fmt.Fprintf(w, "\n") fmt.Fprintf(w, "\n")
fmt.Fprintf(w, "Available Schemes:\n") fmt.Fprintf(w, "Available schemes:\n")
fmt.Fprintf(w, " mixed: serve as a http/socks5 proxy on the same port. (default)\n")
fmt.Fprintf(w, " ss: ss proxy\n")
fmt.Fprintf(w, " socks4: socks4 proxy\n")
fmt.Fprintf(w, " socks5: socks5 proxy\n")
fmt.Fprintf(w, " http: http proxy\n")
fmt.Fprintf(w, " ssr: ssr proxy\n")
fmt.Fprintf(w, " vmess: vmess proxy\n")
fmt.Fprintf(w, " trojan: trojan proxy\n")
fmt.Fprintf(w, " tls: tls transport\n")
fmt.Fprintf(w, " ws: websocket transport\n")
fmt.Fprintf(w, " redir: redirect proxy. (used on linux as a transparent proxy with iptables redirect rules)\n")
fmt.Fprintf(w, " redir6: redirect proxy(ipv6)\n")
fmt.Fprintf(w, " tcptun: tcp tunnel\n")
fmt.Fprintf(w, " udptun: udp tunnel\n")
fmt.Fprintf(w, " uottun: udp over tcp tunnel\n")
fmt.Fprintf(w, " unix: unix domain socket\n")
fmt.Fprintf(w, " kcp: kcp protocol\n")
fmt.Fprintf(w, " simple-obfs: simple-obfs protocol\n")
fmt.Fprintf(w, " reject: a virtual proxy which just reject connections\n")
fmt.Fprintf(w, "\n")
fmt.Fprintf(w, "Available schemes for different modes:\n")
fmt.Fprintf(w, " listen: mixed ss socks5 http redir redir6 tcptun udptun uottun tls unix kcp\n") fmt.Fprintf(w, " listen: mixed ss socks5 http redir redir6 tcptun udptun uottun tls unix kcp\n")
fmt.Fprintf(w, " forward: reject ss socks5 http ssr vmess trojan tls ws unix kcp simple-obfs\n") fmt.Fprintf(w, " forward: reject ss socks4 socks5 http ssr ssh vmess trojan tls ws unix kcp simple-obfs\n")
fmt.Fprintf(w, "\n") fmt.Fprintf(w, "\n")
fmt.Fprintf(w, "SS scheme:\n") fmt.Fprintf(w, "SS scheme:\n")

12
dns/client.go
View File

@ -163,7 +163,9 @@ func (c *Client) exchange(qname string, reqBytes []byte, preferTCP bool) (
defer rc.Close() defer rc.Close()
// TODO: support timeout setting for different upstream server // TODO: support timeout setting for different upstream server
rc.SetDeadline(time.Now().Add(time.Duration(c.config.Timeout) * time.Second)) if c.config.Timeout > 0 {
rc.SetDeadline(time.Now().Add(time.Duration(c.config.Timeout) * time.Second))
}
switch network { switch network {
case "tcp": case "tcp":
@ -219,14 +221,14 @@ func (c *Client) exchangeUDP(rc net.Conn, reqBytes []byte) ([]byte, error) {
return nil, err return nil, err
} }
reqBytes = make([]byte, 2+UDPMaxLen) respBytes := make([]byte, 2+UDPMaxLen)
n, err := rc.Read(reqBytes[2:]) n, err := rc.Read(respBytes[2:])
if err != nil { if err != nil {
return nil, err return nil, err
} }
binary.BigEndian.PutUint16(reqBytes[:2], uint16(n)) binary.BigEndian.PutUint16(respBytes[:2], uint16(n))
return reqBytes[:2+n], nil return respBytes[:2+n], nil
} }
// SetServers sets upstream dns servers for the given domain. // SetServers sets upstream dns servers for the given domain.

4
dns/message.go
View File

@ -403,6 +403,10 @@ func MarshalDomainTo(w io.Writer, domain string) (int, error) {
// UnmarshalDomain gets domain from bytes. // UnmarshalDomain gets domain from bytes.
func (m *Message) UnmarshalDomain(b []byte) (string, int, error) { func (m *Message) UnmarshalDomain(b []byte) (string, int, error) {
if len(b) < 2 {
return "", 0, errors.New("UnmarshalDomain: not enough size")
}
var idx, size int var idx, size int
var labels = []string{} var labels = []string{}

2
proxy/direct.go
View File

@ -89,7 +89,7 @@ func (d *Direct) dial(network, addr string, localIP net.IP) (net.Conn, error) {
c.SetKeepAlive(true) c.SetKeepAlive(true)
} }
if d.relayTimeout != 0 { if d.relayTimeout > 0 {
c.SetDeadline(time.Now().Add(d.relayTimeout)) c.SetDeadline(time.Now().Add(d.relayTimeout))
} }

4
strategy/strategy.go
View File

@ -256,7 +256,9 @@ func checkWebSite(fwdr *Forwarder, website string, timeout time.Duration, buf []
} }
defer rc.Close() defer rc.Close()
rc.SetDeadline(time.Now().Add(timeout)) if timeout > 0 {
rc.SetDeadline(time.Now().Add(timeout))
}
_, err = rc.Write([]byte("GET / HTTP/1.0\r\n\r\n")) _, err = rc.Write([]byte("GET / HTTP/1.0\r\n\r\n"))
if err != nil { if err != nil {