Open JeremyRubin opened 1 year ago
https://github.com/sticnarf/tokio-socks/blob/9fdcccc3da5693712c07fcfc5bb1212df0e3f989/src/tcp.rs#L337
if the username len is 256, and so is the password, then it seems our buf won't have enough space to write all the data and we'll possibly panic.
We should make the buffer larger, or return an err if username/password is too long.
another option would be to make the buf heap allocated and growable
validate_auth checks the length of the username and password. The buf size 513 is calculated according to the limitation.
validate_auth
you are totally correct!
https://github.com/sticnarf/tokio-socks/blob/9fdcccc3da5693712c07fcfc5bb1212df0e3f989/src/tcp.rs#L337
if the username len is 256, and so is the password, then it seems our buf won't have enough space to write all the data and we'll possibly panic.
We should make the buffer larger, or return an err if username/password is too long.
another option would be to make the buf heap allocated and growable