search

webtorrent / bittorrent-tracker

🌊 Simple, robust, BitTorrent tracker (client & server) implementation
https://webtorrent.io
MIT License
1.77k stars 317 forks source link

When the port number is lower than -1 or exceeds 65536, it will cause the program to crash #512

Closed aagaguai closed 6 months ago

aagaguai commented 6 months ago

What version of this package are you using? v11.0.1 What operating system, Node.js, and npm version? Windows Server 2012 R2 64 bit / v18.17.1 / v9.6.7 What happened? According to the description of the error log, when the port number is lower than -1 or exceeds 65536, it will cause the program to crash. The error log is as follows Error: invalid addr: 110.87.205.114:-1 at addrToIPPort (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/addr-to-ip-port/index.js:11:19) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/string2compact/index.js:10:15 at Array.map (<anonymous>) at addrs (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/string2compact/index.js:9:30) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:683:28 at Swarm.announce (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/lib/server/swarm.js:58:5) at announce (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:673:13) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:655:9 at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:663:27 at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:366:7 Error: invalid addr: 110.87.205.114:-1 at addrToIPPort (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/addr-to-ip-port/index.js:11:19) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/string2compact/index.js:10:15 at Array.map (<anonymous>) at addrs (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/string2compact/index.js:9:30) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:683:28 at Swarm.announce (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/lib/server/swarm.js:58:5) at announce (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:673:13) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:655:9 at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:663:27 at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:366:7 Error: invalid addr: 116.30.214.76:-1 at addrToIPPort (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/addr-to-ip-port/index.js:11:19) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/string2compact/index.js:10:15 at Array.map (<anonymous>) at addrs (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/string2compact/index.js:9:30) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:683:28 at Swarm.announce (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/lib/server/swarm.js:58:5) at announce (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:673:13) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:655:9 at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:663:27 at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:366:7 Error: invalid addr: 110.87.205.114:-1 at addrToIPPort (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/addr-to-ip-port/index.js:11:19) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/string2compact/index.js:10:15 at Array.map (<anonymous>) at addrs (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/node_modules/string2compact/index.js:9:30) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:683:28 at Swarm.announce (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/lib/server/swarm.js:58:5) at announce (file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:673:13) at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:655:9 at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:663:27 at file:///C:/Users/Administrator/Desktop/bittorrent-tracker-11.0.1/server.js:366:7 What did you expect to happen? Trace the cause of the problem and fix it Are you willing to submit a pull request to fix this bug? Yes

SilentBot1 commented 6 months ago

Hi @aagaguai,

Could I verify what your ask is here? Both the transport layer protocols TCP and UDP only support port ranges between 0 and 65535 (2 byte unsigned int), so it's not possible for values outside of these ranges to be supported.

aagaguai commented 6 months ago

你好@aagaguai,

我可以验证一下您的要求吗?传输层协议 TCP 和 UDP 均仅支持 0 到 65535(2 字节无符号整数)之间的端口范围,因此不可能支持这些范围之外的值。

Yes, but because it is requested through http, it is also possible to pretend to send other port numbers, causing the server to be unable to process and crash, so I hope to solve this problem

SilentBot1 commented 6 months ago

Ah, someone is announcing an invalid port and causing it to crash, yeah, that certainly sounds like a problem. I'll start having a look into this, hopefully should be a quick fix.

SilentBot1 commented 6 months ago

@aagaguai please try the changes from the above PR and let me know if this resolves the issue for you.

Once confirmed, I will reach out to the other maintainers to have this reviewed and ideally merged.

SilentBot1 commented 6 months ago

@aagaguai this should now be published as of version 11.0.2.