buffer overflow detected with using: protocol auth_chain_f option

ShadowsocksR-Live / shadowsocksr-native

翻墙从容穿越党国敏感日 ShadowsocksR (SSRoT) native implementation for all platforms, GFW terminator

https://github.com/ShadowsocksR-Live/shadowsocksr-native/wiki

GNU General Public License v3.0

2.75k stars 766 forks source link

buffer overflow detected with using: protocol auth_chain_f option #45

Closed ITz-net closed 5 years ago

ITz-net commented 5 years ago

What version of shadowsocks-native are you using?

latest (today install)

What operating system are you using?

both ubuntu 16, and 18 as client

What did you do?

try to get stable connection..

What did you expect to see?

not started (crash) with use: protocol auth_chain_f option

What did you see instead?

with other option of protocol working good, tested with: auth_chain_d and auth_chain_e

What is your config in detail (with all sensitive info masked)?

ssr-client:info: protocol auth_chain_f buffer overflow detected : /usr/bin/ssr-client terminated

ITz-net commented 5 years ago

also crashed server SSR with protocol auth_chain_f option:

Dec 25 12:31:38 systemd[1]: Started ssr-native. Dec 25 12:48:48 systemd[1]: ssr-native.service: Main process exited, c Dec 25 12:48:48 ssr-native[14614]: ShadowsocksR Native is stopped Dec 25 12:48:48 systemd[1]: ssr-native.service: Control process exited Dec 25 12:48:48 systemd[1]: ssr-native.service: Unit entered failed st Dec 25 12:48:48 \ systemd[1]: ssr-native.service: Failed with result 'ex ~

ssrlive commented 5 years ago

did you find out which code line number crashing the app?

ITz-net commented 5 years ago

no, i just see output of ssr-live running service

ITz-net commented 5 years ago

also i try some days your products and it still beta.. not release, not stable work.. i go to ss-libev it be stable then your ss-live.