aMule Forum
English => en_Bugs => Topic started by: Lotta on April 19, 2016, 11:31:02 AM
-
Hi all!
IMHO aMule should handle malformed incoming packages gracefully instead of calling wxFail. AIUI, the latter is meant for debugging the OWN code, i.e. to be placed where program control should never arrive in principle.
As already pointed out elsewhere (http://forum.amule.org/index.php?topic=21316.0), I'm talking about the functions CUpDownClient::ProcessPublicKeyPacket() and CUpDownClient::ProcessSignaturePacket() in BaseClient.cpp. Both "fail" (in the sense of calling wxFail) upon receiving oversized packets (i.e. >250) in protocol OP_EMULEPROT.
But obviously, there are clients out there (albeit very few), which do send such oversized packets. Actually, it turns out to be the same buggy/malicious/extended client (couldn't identify it, yet) sending OP_PUBLICKEY with size 421 and OP_SIGNATURE of size 385.
It seems to me that both mentioned functions could simply return in those cases. Any opinion from the experts?
-
Should be fixed now by revision 10922. Any more incarnations of this thread?
-
Should be fixed now by revision 10922.
Thanks a lot!
Any more incarnations of this thread?
Sorry for the triplication, which was due to the history of my encounter with the bug and its origin.
-
Any more incarnations of this thread?
Sorry for the triplication, which was due to the history of my encounter with the bug and its origin.
I guess you didn't find my original encounter with this: http://forum.amule.org/index.php?topic=20904.msg108081#msg108081 :)
-
Any more incarnations of this thread?
Sorry for the triplication, which was due to the history of my encounter with the bug and its origin.
I guess you didn't find my original encounter with this: http://forum.amule.org/index.php?topic=20904.msg108081#msg108081 :)
Oops, you're right. Well, at least we've got the answer to:
Which leaves us with two cases: either a bogus client sends invalid packets, or there's something strange going on inside aMule.