aMule Forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

We're back! (IN POG FORM)

Author Topic: handling of oversized incoming packets  (Read 1571 times)

Lotta

  • Newbie
  • *
  • Karma: 1
  • Offline Offline
  • Posts: 10
handling of oversized incoming packets
« on: April 19, 2016, 11:31:02 AM »

Hi all!

IMHO aMule should handle malformed incoming packages gracefully instead of calling wxFail. AIUI, the latter is meant for debugging the OWN code, i.e. to be placed where program control should never arrive in principle.

As already pointed out elsewhere (http://forum.amule.org/index.php?topic=21316.0), I'm talking about the functions CUpDownClient::ProcessPublicKeyPacket() and CUpDownClient::ProcessSignaturePacket() in BaseClient.cpp. Both "fail" (in the sense of calling wxFail) upon receiving oversized packets (i.e. >250) in protocol OP_EMULEPROT.

But obviously, there are clients out there (albeit very few), which do send such oversized packets. Actually, it turns out to be the same buggy/malicious/extended client (couldn't identify it, yet) sending OP_PUBLICKEY with size 421 and OP_SIGNATURE of size 385.

It seems to me that both mentioned functions could simply return in those cases. Any opinion from the experts?
Logged

GonoszTopi

  • The current man in charge of most things.
  • Administrator
  • Hero Member
  • *****
  • Karma: 164
  • Offline Offline
  • Posts: 2703
Re: handling of oversized incoming packets
« Reply #1 on: May 06, 2016, 10:44:52 PM »

Should be fixed now by revision 10922. Any more incarnations of this thread?
Logged
concordia cum veritate

Lotta

  • Newbie
  • *
  • Karma: 1
  • Offline Offline
  • Posts: 10
Re: handling of oversized incoming packets
« Reply #2 on: May 06, 2016, 11:46:34 PM »

Should be fixed now by revision 10922.

Thanks a lot!

Any more incarnations of this thread?

Sorry for the triplication, which was due to the history of my encounter with the bug and its origin.
Logged

GonoszTopi

  • The current man in charge of most things.
  • Administrator
  • Hero Member
  • *****
  • Karma: 164
  • Offline Offline
  • Posts: 2703
Re: handling of oversized incoming packets
« Reply #3 on: May 07, 2016, 06:19:41 AM »

Any more incarnations of this thread?

Sorry for the triplication, which was due to the history of my encounter with the bug and its origin.

I guess you didn't find my original encounter with this: http://forum.amule.org/index.php?topic=20904.msg108081#msg108081 :)
Logged
concordia cum veritate

Lotta

  • Newbie
  • *
  • Karma: 1
  • Offline Offline
  • Posts: 10
Re: handling of oversized incoming packets
« Reply #4 on: May 10, 2016, 12:56:19 AM »

Any more incarnations of this thread?

Sorry for the triplication, which was due to the history of my encounter with the bug and its origin.

I guess you didn't find my original encounter with this: http://forum.amule.org/index.php?topic=20904.msg108081#msg108081 :)


Oops, you're right. Well, at least we've got the answer to:

Which leaves us with two cases: either a bogus client sends invalid packets, or there's something strange going on inside aMule.
Logged